Job Description :
An Identity & Access Management Engineer is required to review, design, and implement a solution that encompasses:
1. Installation and Configuration
2. High Availability with Active/Active Configurations
3. ID Replication
4. Single Sign On (SSO)
5. Training and Documentation
Client''s new Data Center is called Panda. Panda will house the primary instance of ISAM, LDAP, and FDS. Currently, the primary instance is located in our JAX Data Center. Our KNX and JAX Data Centers will be an active/active configuration with Panda. JAX is scheduled for decommissioning 2016/2017.
The Engineer will review the current implementation of ISAM, LDAP, and FDS. From that review, the Engineer will:
1. Identify deficiencies in the current design
2. Define the new design
3. Implement the new design
The Engineer, working with members of Client''s Operations Production Support(OPS) team will implement the design. The implementation will provide the following:
1. Complete the installation and configuration of ISAM appliances in Panda and KNX
2. Complete the installation and configuration of LDAP VMs in Panda and KNX
3. Complete the installation of FDS in Panda and if the new design states, KNX
4. Implement High Availability and Active/Active configurations (Panda, KNX, JAX)
5. Implement ID Replication using LDAP, FDS, and Active Directory (Panda, KNX, JAX)
The Engineer will be responsible for training OPS team members. The Engineer will document all process and procedures, by following or enhancing Client''s best practices for documenting.
The time line for the completion of the project is as follows:
Week 1
1. Review current architecture and configurations
2. Identify deficiencies in design
3. Discuss deficiencies with the OPS team
4. Begin new design
Week 2
1. Document Design
2. Present Design to the OPS team
a. End to End
b. Failure point analysis
c. Problems/solutions
3. Obtain approvals
Weeks 3 - 10
1. Implementation
a. Development Environment (if required)
b. Test/Performance/Staging Environment (if required)
c. Production Environment
d. Monitoring and notification of component failure
e. Monitoring and notification of capacity issues
f. Daily/Weekly/Monthly capacity reports
i. Throughput
ii. Adds, changes, deletes
iii. Appliance and VM thresholds
g. Component failover test of design
h. Disaster Recovery test of design
Weeks 11 – 12
1. Training of OPS team in support of the design
2. Complete additional documentation required for turnover
The expected deliverables of the project are as follows:
1. ISAM installed, configured, and using the recommended firmware version by the vendor
2. LDAP installed, configured, and using the recommended software version by the vendor
3. FDS installed, configured, and using the recommended software version by the vendor
4. Fully functional ID management replication between Active Directory and LDAP
5. Fully Function ID management LDAP replication across three data centers
6. High Availability and automated failover when any component fails
7. Active/Active configuration so all components can service requests
8. A fully tested implementation that covers
a. Component failure
b. Data Center failure
c. Monitoring triggers
d. Notifications
e. Documented Solutions
9. Reporting Capabilities
a. Daily/Weekly/Monthly capacity reports
i. Throughput
ii. Adds, changes, deletes
iii. Appliance and VM thresholds
10. Trained Client members that can accomplish day to day support
11. Documentation
a. Overall architectural design and flow
b. Failure points and solutions (components/data center)
c. Monitors and solutions
d. Reporting
e. Production Readiness check list (Client supplies)
If you are comfortable with the requirement, please forward your profile to avinash at keylent dot com or you can reach me on 4 0 7 4 0 1 9 1 6 4