Computer Systems Engineer

Berkeley Lab’s IT Division is looking for a Computer Systems Engineer to serve as member of the IT Collaboration Services Group providing support for Berkeley Lab’s institutional identity management (IDM) service.

Support of the IDM service includes: monitoring and maintaining the performance of complex systems  and creating scripts and applications to support operation. The Engineer will work with the IDM architect and key stakeholders to plan and implement major infrastructure upgrades and interact with users, project teams and/or high-level systems professionals to establish system specifications, implement and operate systems and troubleshoot systems problems.

The Computer Systems Engineer will:

  • Implement and manage institutional identity management services such that they continue to provide useful, high quality, reliable service. This includes: OpenLDAP Directory, Federated Identity, Single Sign-on, OAuth, MFA.

  • Maintain all services at 99.9% availability. These systems impact every business and collaboration system used at Berkeley Lab including FMS, HRIS, Google Services, Taleo, etc.  Approximately 4500 employees and affiliates use one or more of these systems every day.

  • Support vendors and system administrators of dependent systems and independently interact with other technical staff within the IT Division.

  • Provide subject matter expertise for system design and development as well as problem resolution.

  • Provide tier II support for LBNL’s G  Suite services by interfacing with G Suite support for technical issue resolution.

  • Maintain and update the software interface between the Labs’ enterprise directory and the G Suite environment.

  • Lead small teams and mentor junior programmers to accomplish the work.

  • Plan, organize, prioritize and complete assigned tasks and projects in a timely manner and frequently and clearly communicate tasks and/or project status to management.

  • Work closely with the Cybersecurity members to monitor, prevent, and mitigate computer security issues, especially in the realm of identity and access management and assure that all services have the necessary cybersecurity protections in place.

  • Market identity management services by demonstrating technical competence in these areas and providing excellent customer service.

  • Monitor trends in the computing environment.

  • May participate in the formulation, planning, organizing, implementation and support of new services or capabilities.


Minimum Education Level: Bachelor's or Equivalent

Minimum Qualifications:

  • Bachelor’s Degree or equivalent experience and a minimum of 8 years related experience.

  • Experience integrating diverse information/directory systems with homegrown solutions; well-versed in scripting (e.g., Javascript, Perl, Python, etc.) as well as developing integrations using NodeJS, Java, and Go.

  • Experience with the deployment and support of web servers and web services, especially with Apache httpd, Apache Tomcat, Jetty, and NodeJS with Express.

  • In-depth experience and knowledge of directory services such as OpenLDAP, Active Directory, and RADIUS.

  • Demonstrated experience and project success in best practices for Identity and Access Management for supporting enterprise level access including: user account provisioning and lifecycle management, authentication techniques at the end user device, network, platform and application layers, single-Sign On with SAML and OpenID Connect, enterprise directory architecture and design, audit, logging and governance, Multifactor Authentication technologies (e.g., OATH, U2F, WebAuthn, smart cards), and privileged access management concepts and implementation

  • Working knowledge of relational database management systems such as Oracle, MS SQL Server, and MySQL.

  • Experience with the creation of custom Docker images and the use of container orchestration systems.

  • Expert knowledge of G Suite (Gmail, Calendar, Sites, Groups, Drive) as well as complementary marketplace applications.  Working knowledge of operating systems such as Microsoft Windows, Linux, Mac OSX and with heterogeneous desktop computing environments.

  • Extensive experience with management of production services in a large user  environment. Experience with cybersecurity protection and monitoring of central servers.  Experience and knowledge in technical comprehension of networking, and software development techniques.  

  • Excellent teamwork and leadership skills with the ability to work under limited supervision.  Excellent verbal, written communication skills and project management skills. Excellent problem solving skills.

Additional Desired Qualifications:

  • Advanced degree in electronics engineering, computer science, computer systems technology, or equivalent experience.

  • Previous experience in a research environment or a customer service delivery organization.


  • This is a 6-month Term appointment that may be renewed or converted to Career based upon several factors, including: performance, budget and ongoing operational needs.

  • Full-time, M-F, exempt from overtime pay (monthly paid).

  • Salary is commensurate with experience.

  • This position is contingent on the successful completion of a background check.

  • Work will be primarily performed at Lawrence Berkeley National Lab, 1 Cyclotron Road, Berkeley, CA.

Posted: January 8, 2019
<< Back to Job-Board