Advanced Systems Design

Systems Architect - 2356

DSR-002356 - Tallahassee, FL - Full Time

Advanced Systems Design is seeking a Systems Architect for our client located in Tallahassee, FL.

This position is onsite in Tallahassee, FL, and requires in-person availability starting day 1. 

Job Overview:

This position is responsible for the implementation and configuration of the identity and access management platform, Okta. This includes Universal Directory, Single Sign-On, Adaptive MFA, Lifecycle Management, Identity Governance, and Privileged Access. We require expertise in best practices for identity and access management (IAM) and a strong understanding of the Okta platform.

The Systems Architect will be directed and managed by the Office of Information Technology (OIT) to ensure the Okta implementation's architecture and configuration align with Department-wide identity and access management standards and objectives.

Okta Implementation and Configuration
The Systems Architect shall be responsible for implementing and configuring the following Okta modules to meet specific requirements:

Universal Directory (UD)
Establish Okta as the central source of truth for user identities.
a. Configuration and maintenance of Okta Universal Directory.
b. Integration of Okta with existing directories (e.g., Active Directory) and HR systems.
c. Design and implementation of user schema and group structures.

Adaptive Multi-Factor Authentication (MFA)
Implement adaptive MFA across all our applications to enhance security.
a. Implementation and configuration of Adaptive MFA policies.
b. Integration of MFA with various applications.
c. User enrollment and support for MFA.

Integration with Zero Trust Network Access (ZTNA) Tool
Integrate Okta with our existing ZTNA solution.
a. Collaboration with the ZTNA team to integrate Okta.
b. Configuration of Okta to support ZTNA policies.
c. Troubleshooting integration issues.

Lifecycle Management (LCM)
Implement automated user provisioning and de-provisioning based on approval workflows and the principle of least privilege. This includes assisting in identifying and defining appropriate roles based on positions and responsibilities.
a. Development and implementation of automated provisioning and de-provisioning workflows.
b. Configuration of application integrations for LCM.
c. Ongoing maintenance and optimization of LCM processes.

Role-Based Access Control (RBAC)
Design and implement a robust RBAC model within Okta.
a. Design and implementation of RBAC models within Okta.
b. Assignment of roles and permissions to users.
c. Review and maintenance of the RBAC structure.

Identity Governance (IG)
Configure access certifications, particularly with a focus on privileged access roles. Implement reporting, auditing, and overall governance on identity data and access.
a. Configuration and execution of access certifications.
b. Generation of reports and audit logs related to identity and access.
c. Implementation of identity governance policies.

Privileged Access (PA)
Implement Just-In-Time (JIT) access, step-up authentication, and session isolation and monitoring for privileged users.
a. Configuration of JIT access and step-up authentication.
b. Implementation of session monitoring for privileged users.
c. Documentation of privileged access procedures.

Required Qualifications:

  • 10+ years of documented experience in Information Technology, with a strong focus on Security and Identity and Access Management (IAM).
  • Hands-on experience implementing and configuring enterprise identity platforms, particularly Okta.

Preferred Qualifications:

  • Deep technical expertise in the Okta platform, including advanced configuration and management.
  • Proven ability to architect and implement Okta solutions in complex environments.
  • Experience with integrating Okta with various applications and security tools (like ZTNA).
  • Designing and implementing automated provisioning workflows and Role-Based Access Control (RBAC) models within Okta.
  • Experience with access certifications, particularly for privileged access roles.
  • Setting up and utilizing Okta's reporting, auditing, and identity governance functionalities.
  • Implementing Privileged Access features such as Just-In-Time (JIT) access and step-up authentication.
  • Excellent verbal and written communication skills, including the ability to articulate complex technical concepts related to identity and access management to both technical and non-technical stakeholders (security teams, application owners, end-users).
  • Ability to clearly document system configurations, integration processes, and architectural designs related to identity management.
  • Facilitation of technical discussions and workshops related to identity and access management design and implementation.
  • Ability to present identity management solutions and recommendations effectively to various audiences.
  • Understands the importance of clear and timely communication regarding project status, risks, and issues related to the identity management environment.
  • Proactively shares knowledge and best practices related to identity management with the internal team.
  • Deep and comprehensive understanding of enterprise-level identity and access management platforms, including directory services, single sign-on (SAML, OAuth 2.0, OIDC), multi-factor authentication, lifecycle management (provisioning, de-provisioning, workflows), identity governance (access certifications, SoD), and privileged access management (JIT, step-up).
  • Strong understanding of integration methodologies for connecting identity management systems with various SaaS applications, on-premises systems, directories (AD, LDAP), and custom applications using standard protocols and APIs.
  • Working knowledge of security protocols and best practices related to authentication, authorization, and identity management.
  • Understanding of network concepts relevant to identity management system deployment and integration (firewalls, proxies, etc.).
  • Familiarity with scripting languages (e.g., PowerShell, Python) for automation tasks within or related to identity management.
  • Knowledge of API integration and management, particularly with identity management platform APIs.
  • Strong analytical skills to diagnose and resolve technical issues within the identity management environment and its integrations.
  • Ability to translate business requirements into effective and secure identity management configurations and policies.
  • Excellent troubleshooting skills for authentication, authorization, provisioning, and other identity management-related problems.
  • Ability to identify potential risks and propose mitigation strategies related to the identity management implementation.
  • Keeps abreast of the latest features, updates, and security best practices in the identity and access management landscape.
  • Ability to optimize identity management system configurations for performance and scalability.
  • Ability to guide the technical implementation of the identity management platform based on best practices and architectural principles.
  • Experience in designing scalable and secure identity management solutions to meet current and future needs.
  • Ability to make sound technical decisions regarding platform configuration and integration strategies.
  • Mentors and guides internal team members on identity management best practices and technical aspects.
  • Ability to effectively collaborate with security teams, application owners, network engineers, and other stakeholders during the identity management platform implementation.
  • Acts as a technical liaison between different teams regarding identity management-related matters.
  • Willingness to assist in various technical tasks related to the identity management deployment.
  • Facilitates technical discussions and knowledge sharing about the identity management platform within the team.

Advanced Systems Design, Inc. is:

  • A leading Information Technology provider for Federal, State & Local government agencies.
  • A certified minority-owned small business government contractor with capabilities related to Public Health IT, Criminal Justice, Transportation, and Defense.
  • A certified service-disabled veteran-owned company with a proud 42-year track record of providing successful innovative solutions for our government customers.
  • A drug-free workplace in accordance with the Drug-Free Workplace Act of 1988. 
  • Applicants who have a signed offer of employment or contractor agreement are subject to:
    • the pre-employment testing protocol:
      • background investigation
      • drug screening

Our Employees:

  • Are actively working on next-generation technology projects with the U.S. Department of Veterans Affairs, CDC, and a wide array of Federal, State, and Local agencies throughout the United States
  • Are eligible for wide-ranging benefits and perks, including but not limited to:
    • Comprehensive Health Insurance with PPO and HDHP/HSA options
    • Dental Insurance
    • Vision Insurance
    • Short/Long-Term Disability
    • Group Life Insurance - Company Paid
    • Voluntary Life Insurance
    • 401(k) Plan with Employer Match
    • Paid Time Off (Vacation/Sick)
    • Holiday Pay - Company Paid Federal Holidays
    • Tuition Assistance
    • Professional Certification Incentive Plan
    • Employee Referral Plan
    • Technology Exposure

For additional information regarding Advanced Systems Design, please check out our website or click here for all current job openings.

Advanced Systems Design is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.


