Architect, design, and implement enterprise Identity, Credential, and Access Management (ICAM) solutions in alignment with Zero Trust principles.
Develop and maintain IDAM frameworks, policies, and controls ensuring compliance with federal security standards (e.g., NIST SP 800-53, 800-63, FIPS 201, OMB M-22-09).
Integrate identity services across cloud, on-premises, and hybrid environments — including Active Directory, Azure AD, and similar technologies.
Manage and administer daily activities and requests across the organization, such as new starters, transfers, leavers and providing access to numerous corporate systems or environments in accordance with company policies and procedures.
Serve as a technical advisor and subject matter expert (SME) for authentication, authorization, and identity federation strategies.
Design and implement role-based access control (RBAC), attribute-based access control (ABAC), and policy-based access frameworks to enforce least privilege.
Lead initiatives to modernize legacy access systems toward Zero Trust and passwordless architectures.
Collaborate with network, endpoint, and application security teams to ensure cohesive, identity-driven defense strategies.
Conduct threat modeling, risk assessments, and architecture reviews to evaluate identity system vulnerabilities and recommend mitigations.
Support compliance and accreditation activities under FedRAMP, RMF, and FISMA programs.
Mentor junior engineers and contribute to developing secure engineering best practices.

Requirements

5+ years of experience in security engineering, with 3+ years in IDAM-related role
Strong knowledge of Zero Trust Architecture principles and implementation methodologies
Proficiency with federation and SSO protocols (SAML, OAuth 2.0, OIDC, SCIM, LDAP, Kerberos)
Experience with directory services (Active Directory, Azure AD, LDAP) and privileged access management (PAM) solutions
Demonstrated ability to design and implement enterprise-level IDAM architectures with minimal supervision
Understanding of federal cybersecurity frameworks and compliance requirements (NIST, OMB, FISMA, FedRAMP)
Excellent communication skills and ability to collaborate effectively with technical and non-technical stakeholders
Excellent problem-solving experience involving leading teams in identifying, researching and coordinating the resources necessary to effectively troubleshoot/diagnose complex project issues
Experience with automation, scripting, and orchestration (PowerShell, Python, Terraform, Ansible).
Relevant certification, such as CISSP, CISM, Azure Security Engineer Associate, CISM, a plus

Benefits

Comprehensive, multi-carrier program for medical, dental and vision benefits
401(k) with match and an Employee Share Purchase Plan
Wellness platform with incentives, Headspace app subscription, Employee Assistance and Time-off Programs
Short-and-Long Term Disability, Life and Accidental Death Insurance, Critical Illness, and Hospital Indemnity
Family Benefits, including bonding and family care leaves, adoption and surrogacy benefits
Health Savings, Health Care, Dependent Care and Commuter Spending Accounts
Up to two days of paid leave each to participate in Employee Resource Groups and to volunteer with your charity of choice

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

Identity and Access Management (IDAM)Zero Trust Architecturefederation protocolsSSO protocolsSAMLOAuth 2.0OIDCSCIMLDAPKerberos

Soft skills

communication skillscollaborationproblem-solvingmentoringleadership

Certifications

CISSPCISMAzure Security Engineer Associate