Overview
Asian Development Bank (ADB) is an international development finance institution headquartered in Manila, Philippines and is composed of 68 members, 49 of which are from the Asia and Pacific region. ADB is committed to achieving a prosperous, inclusive, resilient, and sustainable Asia and the Pacific, while sustaining its efforts to eradicate extreme poverty. ADB combines finance, knowledge, and partnerships to fulfill its expanded vision under its Strategy 2030.
The position is assigned in the Infrastructure and Technology Operations Division (ITID) within the Information Technology Department (ITD). ITD enables ADB’s digital agenda and supports the Bank’s global operations. The department delivers digital innovation, IT infrastructure, services and solutions, and provides tools and knowledge platforms.
ITID is responsible for the design, governance, implementation, maintenance, and day-to-day operations of ADB’s technology infrastructure, platforms, security and associated systems. This division works to ensure that the bank’s production technology systems are operational and available to the people of ADB and continually monitors the bank’s infrastructure and applications for potential security threats and breaches. This division also stays abreast of the latest developments in end-user devices, mobility, and technology architecture to ensure ADB is taking advantage of the latest technologies when it makes business sense.
To view ADB Organizational Chart, please click here.
Job Purpose
The Associate IT Officer (Authentication and Access) is responsible for the management and operation of the security access management infrastructure, requiring its configuration, optimization and integration with current or planned on premise and cloud services and systems. The incumbent will report to a designated International Staff.
Responsibilities
Administers and maintains the following: a) security access management, and b) middleware infrastructure including the testing, upgrading, and developing automation scripts for configuration. Evaluates, proposes, and implements recommendations to improve federation and advanced access functionality. Evaluates, proposes, and implements recommendations to improve DevOps pipelines, and infrastructure automation. Ensures all operational and architectural documentation of Middleware and SSO infrastructure are up to date. Ensures that Datadog monitoring, synthetic tests and auto-healing are in place for all middleware platforms and components. Provides 3rd level technical support for all a) identity & access, and b) middleware concerns, liaising with other Information Technology Department (ITD) staff and internal clients, when required. Provides 3rd level technical support for Robotic Process Automation and Chatbot platforms. Assists in the formulation of overall direction for a) security access management, b) middleware, and c) DevOps and automation technologies. Communicates with appropriate vendors to identify solutions to problems, explores capabilities and understands requirements of applications under development, and maintains current knowledge of technology; ensures up-to-date knowledge of federation, identity as a service (IDaaS) and advanced access technologies and developments.Relevant Experience & Requirements
• Bachelor’s degree in Computer Science, Mathematics, Electrical Engineering or relevant fields.
• Minimum of 6 years of relevant IT professional experience.
• With strong theoretical background and practical hands-on experience on: (a) IBM Security Access Management (version 9.0.2.1 and higher), (b) ISAM Federation and (c) ISAM Advanced Access Control.
• With strong theoretical background and practical hand-on experience on identity federation and advanced access concepts such as: (a) Multifactor authentication (MFA), (b) Conditional Access, and (c) Azure Information Protection on Microsoft Enterprise Mobility + Security (EMS) especially on Azure Active Directory (AAD).
• With extensive knowledge of JavaScript server-side scripting, operating systems (Windows 2008 and 2012 and Linux), virtualization (VMWare, ESXi) and LAN/WAN.
• With advanced proficiency on federation concepts such as: Security Assertion Markup Language (SAML), OAuth, Open ID Connect (OIDC), etc.
• With working knowledge on advanced access concepts such as: Push Notification Login, TOTP/HOTP, Token Binding, U2F, etc.
• Advanced proficiency in developing script libraries for automation (i.e. python, etc.).
• Working knowledge of asynchronous messaging platforms such as IBM MQ.
• Working knowledge of HashiCorp Vault.
• Working knowledge of containerization and service orchestration (e.g., HashiCorp Nomad, Kubernetes, Swarm, etc.)
• Aptitude to perform analytical and conceptual thinking in troubleshooting and technical problem resolution.
• With general knowledge on administration of different middleware systems such as: Sharepoint Online, WebSphere Application Server, JBoss Enterprise Application Platform, WebSphere Portal, Watson Content Analytics, jBPM, and other J2EE technologies.
• With general knowledge of IT systems.
• Able to liaise and work effectively with staff, service providers and external vendors within own work location and throughout ADB.
• Able to work collaboratively with teams as a constructive team member.
• Excellent written and verbal communication skills in English is required
• Please refer to the link for ADB Competency Framework for NS1.
General Considerations
The selected candidate, if new to ADB, is appointed for an initial term of 3 years.
ADB offers competitive remuneration and a comprehensive benefits package. Actual appointment salary will be based on ADB’s standards and computation, taking into account the selected individual’s qualifications and experience.
ADB seeks to ensure that everyone is treated with respect and given equal opportunities to work in an inclusive environment. ADB encourages all qualified candidates to apply regardless of their racial, ethnic, religious and cultural background, gender, sexual orientation or disabilities. Women are highly encouraged to apply.
Please note that the actual level and salary will be based on qualifications of the selected candidate.
This vacancy is archived.