ICAM Engineer - Technical Lead

Leidos is looking for a ICAM Engineer Technical Lead to support a large U.S. Department of Justice (DOJ) program. The Antitrust Division of the U.S. Department of Justice (DOJ) is responsible for enforcing federal antitrust laws and promoting fair competition in the marketplace. The ICAM Engineer Technical Lead will be responsible for leading and overseeing the technical direction of the Identity Credential and Access Management (ICAM) infrastructure with a focus on Active Directory Azure Active Directory and Okta solutions. You will leverage your deep expertise to design and implement best practices for identity governance authentication and access management ensuring the systems remain secure efficient and scalable. This role requires leadership skills technical proficiency and the ability to collaborate across teams to deliver highquality secure identity solutions. This work is located onsite in the DC area.

Key Responsibilities:

• Lead the design implementation and optimization of Active Directory (AD) Azure Active Directory (Azure AD) and Okta solutions for identity and access management (IAM).

• Develop and implement best practices for user provisioning authentication and rolebased access control (RBAC) across onprem and cloud environments.

• Design and configure Azure AD Connect and ensure seamless hybrid integration between onprem AD and Azure AD environments.

• Implement and manage Single SignOn (SSO) MultiFactor Authentication (MFA) and other access control mechanisms across various platforms and applications.

• Develop workflows for automated user provisioning and deprovisioning using Okta and Azure AD.

• Maintain and improve rolebased access control (RBAC) and ensure effective user access lifecycle management across the enterprise.

• Lead and manage the administration of Active Directory (both onpremises and hybrid models) including Group Policy Objects (GPOs) Trusts DNS and other AD services.

• Oversee the Azure AD administration and configuration including Azure AD Connect Azure AD B2C Conditional Access and Identity Protection.

• Ensure the performance security and availability of AD and Azure AD systems including regular audits patches and updates.

• Lead the configuration integration and support of Okta for user authentication identity lifecycle management and SSO capabilities.

• Implement advanced features such as Adaptive MFA Okta Lifecycle Management and API Access Management.

• Provide technical leadership and guidance to the ICAM team and crossfunctional teams ensuring that solutions align with best practices compliance and security standards.

• Develop and execute security monitoring practices to track identity and access management logs identify suspicious activity and ensure proper incident response.

• Lead discussions and provide recommendations on access control and identity management solutions for cloud applications SaaS platforms and legacy systems.

• Create and maintain detailed documentation for ICAM architecture configurations policies and procedures.

Qualifications:

• Bachelors degree in Computer Science Information Technology Cybersecurity or a related field with 12 years of relevant experience. Equivalent experience may also be considered.

• 5 years of handson experience in Identity and Access Management (IAM) with at least 3 years of experience focusing on Active Directory Azure AD and Okta.

• Deep expertise in Active Directory administration including Group Policy AD Federation Services (ADFS) AD Trusts and AD security best practices.

• Proficiency with Azure AD including configuration of Azure AD Connect Conditional Access Identity Protection and Azure AD B2C.

• Experience with Okta Identity and Access Management including integration SSO MFA and lifecycle management.

• Strong understanding of IAM concepts such as SSO MFA RBAC IAM policies and access governance.

• Familiarity with IAM integration patterns and identity synchronization across onpremises and cloud environments.

• Knowledge of relevant security and compliance standards such as GDPR HIPAA and SOC 2.

• Familiarity with scripting and automation tools (e.g. PowerShell Azure CLI Okta APIs).

• Ability to troubleshoot complex ICAM issues and provide effective solutions in a timely manner.

• Strong communication and collaboration skills capable of working with a diverse range of teams and stakeholders.

Desirable Skills:

• Experience with advanced identity federation technologies such as SAML OAuth and OpenID Connect.

• Knowledge of cloud platforms and their IAM services particularly in AWS or Google Cloud.

• Experience with IAM tools for governance like SailPoint or Saviynt.

• Familiarity with security incident response and auditing processes for IAM systems.

• Certifications such as Microsoft Certified: Azure Solutions Architect Expert Certified Information Systems Security Professional (CISSP) or Okta Certified Administrator are highly desirable.

Original Posting:

For U.S. Positions: While subject to change based on business needs Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.