PSDC -Functional Architect at Remote, Remote, USA |
Email: [email protected] |
Role: PSDC -Functional Architect Client: Commonwealth of PA 2 Location: Remote Local to PA candidates only- With local ID Position: Functional Architect - Will be responsible for designing, implementing, and overseeing the FIDO (Fast Identity Online) authentication framework within the project. The architect will work closely with the project team to ensure the successful architecture and integration approach of FIDO-based MFA solutions into the existing infrastructure and Public Safety applications. Responsibilities: Architectural Design: Develop a comprehensive architectural design for the integration of FIDO-based MFA solutions with the existing systems, including Azure, Microsoft Entra, AD, Commonwealth PKI, certificate services, and Commonwealth applications. Technology Evaluation: Evaluate FIDO2 security keys, smartcards, and Windows Hello for Business as potential authenticators to meet the CJIS Security Policy requirements. Compliance Assurance: Ensure that the FIDO-based MFA solutions comply with the CJIS Security Policy, CJIS Requirements Companion Document, NIST SP 800-63 guidelines, and other relevant regulatory requirements. Integration and Testing: Oversee the integration of FIDO-based MFA solutions with the existing infrastructure, conduct thorough testing, and ensure seamless interoperability. Documentation and Training: Prepare detailed technical documentation, guidelines, and training materials for the implementation and maintenance of FIDO-based MFA solutions. This includes working with solutions architects, designers, and developers within public safety. Requirements: Experience: Proven experience in designing and implementing FIDO-based authentication solutions, preferably in the context of CJIS compliance. Proven experience and working knowledge of unified endpoint identification, registration, and authentication, preferably in the context of CJIS compliance. Technical Expertise: In-depth knowledge of FIDO2 security keys, smartcards, Windows Hello for Business, and their integration with Azure, Entra, AD, and other relevant systems. Regulatory Knowledge: Familiarity with CJIS Security Policy, NIST SP 800-63 guidelines, and other relevant regulatory frameworks. Communication Skills: Strong communication and collaboration skills to work effectively with cross-functional teams and stakeholders. Deliverables: Comprehensive architectural design for FIDO-based MFA and device registration and integration which starts with workstation CJIS MFA secured logon and moves towards CJIS MFA security at the application(s). Phased approach and timeline for achieving the full architectural design. The first focus should address the FIDO2 MFA with users starting with the Pennsylvania State Police and rolling out to the other Public Safety Deliver Center Agencies. The second focus should address machine registration and identification. Timeline: The Functional Architect will be engaged to complete the architectural design, phased implementation approach, and documentation to assist architects and solutions team with the implementation of the CJIS MFA and end point solution. Conclusion: The Functional Architect will play a crucial role in ensuring the successful implementation of multi-factor authentication solutions for the CJIS project in Pennsylvania, contributing to the security and compliance of the Commonwealth's criminal justice information systems. Citations: The CJIS Security Policyv5.9.2 introduced important revisions in Section 5.6 Identification and Authentication (IA) and Section 5.15 System and Information Integrity (SI)among other changes. Of particular significance to law enforcement and criminal justice agencies using cloud services for the transmission, storage, or processing of CJI are the updated multi-factor authentication (MFA) requirements for identification and authentication of organizational users. Microsoft Entra ID supports both authenticator and verifier NIST SP 800-63B AAL3requirements, including the underlying FIPS 140 validation requirements. Microsoft Entra ID support for NIST SP 800-63B AAL3 exceeds the CJIS Security Policy MFA requirements. In Microsoft's continuous effort to provide resources and guidance to agencies to help them meet their CJIS regulatory requirements, Microsoft collaborated with CJIS Security Analyst and Subject Matter Expert of the CJIS ACE Division at Diverse Computing and former CJIS Information Security Officer (ISO). Respectfully & Best Regards Swapna S Everest Consulting Group Inc 3840 Park Ave Suite #203, Edison, NJ 08820 [email protected] Direct :732 609 8666 732-548 2700 Ext: 8666 Mobile: 215 806 4493 -- Keywords: active directory information technology Idaho Iowa New Jersey Pennsylvania PSDC -Functional Architect [email protected] |
[email protected] View all |
Fri Aug 02 20:36:00 UTC 2024 |