Our client is seeking a Sr. Identity, Credential, and Access Management (ICAM) Engineer with a deep understanding of, and experience in, federal identity policies, guidance, and technical implementations. The ideal candidate should be an expert in ICAM enabling technology - Microsoft Azure Active Directory - in order to work with clients on formulating, designing and evaluating architectures and technical solutions. Other key activities include drafting target-state business and technology processes, driving ICAM compliance with federal (NIST) guidance and standards, and providing an authoritative ICAM technology voice to internal and external stakeholders. The candidate will participate as a leader on a team and will be part of implementing an enterprise-wide federal ICAM program.
location: McLean, Virginia
job type: Permanent
salary: $150,000 - 175,000 per year
work hours: 9am to 5pm
education: Bachelors
responsibilities:
- Works with Development and Operations teams to provide input into (federal) standards-based ICAM development, implementation and operations
- Leads and facilitates meetings with internal team members and client representatives to drive ICAM standard compliance for new and existing systems
- Under minimal direction, collaborates with end-users to define, analyze and review business requirements
- Clearly communicates complex technical topics to both technical and non-technical stakeholders
- Leads the technical team to define technical specifications and system design; develop technical and ICAM architecture for securing and delivering information systems
- Partners with internal and external program stakeholders to translate business goals to technical ICAM architecture and solutions
- Prepares technical documentation which thoroughly captures proposed and as-built solutions
- Leads ICAM deployment activities, including communication, contingency and rollback planning
- Provides an authoritative voice on ICAM standards, policies, and technical implementations
- Drafts effective strategies to realize target states - with a focus on compliance and sound ICAM architectures
- Authors Knowledge Based Articles (KBAs) to relay technical concepts from candidate's domain of expertise to Help Desk staff
- Estimates level of effort and resource utilization
- Anticipates, communicates and resolves issues and risks during project planning and execution
- Performs risk management activities, to include providing mitigation strategies
- Participates in long term planning and vendor engagement working sessions
- Demonstrates advanced problem-solving mindset with the ability to perform stakeholder analysis for complex programs
- Works cross-functionally across client business units, program and product management, and Agile teams
- Presents strategies and roadmaps to program leadership to get buy-in and approval
- Experience working directly on large scale ICAM implementations, with an advanced understanding of FICAM Architecture and Playbooks & FPKI concepts and their relationship to PIV, Derived PIV, and Entra ID CBA
- Experience working with Agile methods and the Scrum process
- Demonstrated ability to understand complex technical issues and communicate them to non-technical audiences.
- Excellent diagnostic, critical thinking, and analytical skills
- Ability to understand business challenges and identify and recommend appropriate strategies and technical solutions
- Ability to work independently, especially at project startup, to define goals and metrics, as well as collaborate with diverse stakeholders to enhance program value
- 5+ years of administering Active Directory and Entra ID
- 2+ years of experience with Microsoft Graph, Azure CLI and/or Azure PowerShell Modules
- 2+ years of developing, maintaining, and/or troubleshooting SAML based applications (as a developer or sys admin)
- 2+ years of developing, maintaining, and/or troubleshooting OIDC/OAuth 2.0 applications (as a developer or sys admin)
- Advanced understanding of Microsoft Cloud Identity, including but not limited to: Certificate-Based Authentication (X509); Privileged Identity Management (PIM); Entra Identity Governance; RBAC in Azure / Entra ID; Enterprise applications, app registrations, managed identities, and service principals; conditional access framework, authentication strengths, and their relationship to NIST 800-63B; SCIM and Entra ID User Provisioning; Entra ID B2C; and Entra Connect and deploying Identity Experience Framework (IEF) Policies
- Experience configuring identity on a second cloud stack (AWS, GCP) preferred
- Advanced understanding of federal security standards related to ICAM, including NIST 800-53, 800-63 and CISA Guidance
- Experience with using GitHub as source control for scripts or apps, and as a tool for change management (CI/CD)
- Willingness to quickly learn new technologies as needed to effectively deliver ICAM projects
- Ability to collaborate with both technical and non-technical stakeholders
- Bachelor's degree or higher required
- Ability to obtain a U.S. Government clearance
qualifications:
- Experience level: Experienced
- Minimum 7 years of experience
- Education: Bachelors (required)
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact HRsupport@randstadusa.com.
Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including health, an incentive and recognition program, and 401K contribution (all benefits are based on eligibility).
This posting is open for thirty (30) days.