IAM Linux Engineer

Systems Administration:

• Deploy, configure and manage HPC-scale services in a Linux environment, primarily RedHat and Rocky
• Assist in deploying, scaling and maintaining on-premise Kubernetes clusters
• Perform regular patches, updates and backups
• Monitor systems using tools like Nagios and Grafana
• Respond to and assist in troubleshooting issues

Identity Management and Security:

• Administration of RSA SecureID and PingFederate servers
• Deploy, configure and support identity and access management services such as single-sign on (SSO), OAuth, two-factor auth, zero trust, etc...
• Maintain and enable secure access for human users and automated workloads in kubernetes
• IdM integration with user applications and Entra ID

Virtualization and Automation:

• Deploy and manage resources in the NCCS VMware environment
• Automate systems administration tasks using tools like Puppet, Terraform and Ansible

The High-Performance Computing Systems Section within the National Center for Computational Sciences (NCCS) is seeking an IAM Linux Engineer to join the HPC Infrastructure group. The preferred candidate will possess commensurate knowledge, skills and abilities in addition to relevant education, certifications, experience and demonstrated ability to work as a member of a team., * Bachelor's degree in computer science or closely relate field and a minimum of 2 years of experience in Linux systems administration and/or Identity Management, or a Master's Degree and a minimum of 1 year of experience in Linux systems administration and/or Identity Management.

• An equivalent combination of education and experience will be considered.

Preferred Qualifications:

• Excellent interpersonal/communication skills and the ability to work within a team
• Foundational knowledge of modern authentication and authorization standards, includingSAML,OAuth 2.0,OpenID Connect (OIDC), andLDAP.
• Experience administering Kubernetes on on-premises infrastructure (K3s, RKE2, or similar)
• Experience with GitOps tools and methodologies
• Familiarity with managing user identities and group memberships in LDAP and Active Directory
• Understanding of cloud-native IAM concepts (roles, policies, and service accounts) in platforms likeAWS,Azure, orGCP.
• Strong working knowledge of Linux system fundamentals and common network protocols
• Programming and scripting skills in common languages such as Python and bash
• Understanding of versioning and code review tools like GitHub and GitLab
• Experience with configuration management tools such as Puppet or Ansible
• Experience deploying and maintaining virtual environments using VMWare
• Working knowledge of common infrastructure services such as OpenLDAP, DNS, DHCP, etc...
• Ability to plan, prioritize and complete assigned projects with minimal supervision

Special Requirements:

• This position requires the ability to obtain and maintain a clearance from the Department of Energy. As such, this position is a Workplace Substance Abuse (WSAP) testing designated position. WSAP positions require passing a pre-placement drug test and participation in an ongoing random drug testing program.

ORNL offers competitive pay and benefits programs to attract and retain individuals who demonstrate exceptional work behaviors. The laboratory provides a range of employee benefits, including medical and retirement plans and flexible work hours, to support the well-being of you and your family. Employee amenities such as on-site fitness, banking, and cafeteria facilities are also available for added convenience.

Other benefits include the following: Prescription Drug Plan, Dental Plan, Vision Plan, 401(k) Retirement Plan, Contributory Pension Plan, Life Insurance, Disability Benefits, Generous Vacation and Holidays, Parental Leave, Legal Insurance with Identity Theft Protection, Employee Assistance Plan, Flexible Spending Accounts, Health Savings Accounts, Wellness Programs, Educational Assistance, Relocation Assistance, and Employee Discounts.

NCCS Provides state-of-the-art computational and data science infrastructure coupled with dedicated technical and scientific professionals tackling large-scale problems across a broad range of scientific domains for accelerating scientific discovery and engineering advances. NCCS hosts the Oak Ridge Leadership Computing Facility (OLCF), one of the Department of Energy's (DOE) National User Facilities which operates Frontier, the nation's first exascale supercomputer., As a U.S. Department of Energy (DOE) Office of Science national laboratory, ORNL has an impressive 80-year legacy of addressing the nation's most pressing challenges. Our team is made up of over 7,000 dedicated and innovative individuals! Our goal is to create an environment where a variety of perspectives and backgrounds are valued, ensuring ORNL is known as a top choice for employment. These principles are essential for supporting our broader mission to drive scientific breakthroughs and translate them into solutions for energy, environmental, and security challenges facing the nation.