ICAM Engineer

Role: Sr. ICAM Engineer

Location: Reston VA

Duration: Direct Hire

Citizenship: TS/SCI with Full Scope Polygraph

Top Skills:

• 5 years of Tier II or 3 years of Tier III IAM
• Azure Entra ID
• MFA

Role and Responsibilities:

• Architect deploy and sustain secure ICAM solutions aligned with the Microsoft Cloud Adoption Framework (CAF) and Zero Trust.
• Design implement and manage Multi-Factor Authentication (MFA) solutions across hybrid enterprise environments.
• Implement and maintain Hybrid Identity integrations including synchronization of on-premises Active Directory with Entra ID.
• Manage and automate Azure Groups for access control RBAC and enterprise security policies.
• Engineer configure and maintain Entra ID distributed architecture ensuring high availability automated failover load balancing and recovery for enterprise-wide identity services.
• Incorporate Smart Card / CAC / PIV authentication into enterprise identity solutions and ensure compliance with federal standards (e.g. FIPS 201 HSPD-12).
• Monitor and optimize IAM systems for security performance and compliance.
• Collaborate with cross-functional teams to support application integrations with IAM platforms (SSO federation and conditional access).
• Ensure governance compliance and alignment with Zero Trust TIC 3.0 and federal security baselines.
• Document identity and access designs workflows and operational runbooks.

Required Skills

• An active TS/SCI with polygraph.
• Minimum of five (5) years of Tier II or three (3) years of Tier III IAM/Identity Services support.
• Proven ability to design deploy and sustain enterprise IAM solutions in hybrid cloud environments.
• Expertise with MFA Hybrid Identity Azure Groups Entra ID distributed architecture and Smart Card authentication.
• Strong understanding of Zero Trust Conditional Access RBAC and authentication protocols (SAML OIDC OAuth2 Kerberos LDAP).
• Proficiency with PowerShell scripting and automation for identity administration.
• Strong troubleshooting and diagnostic skills across hybrid identity systems.
• Excellent communication and documentation skills.

Preferred Skills

• Microsoft Identity and Access Administrator Associate or Azure Security Engineer certifications.
• Experience with Microsoft Entra Permissions Management Privileged Identity Management (PIM) and Identity Governance.
• Knowledge of integrating IAM with Power Platform and enterprise applications.
• Familiarity with AOAI embedded features and Copilot capabilities for identity workflows.