ICAM SME / Engineer

ECS Tech Inc•Fort Meade, MD

6d•$175,000 - $190,000•Onsite

About The Position

ECS is seeking an Identity Credential and Access Management (ICAM) Subject Matter Expert (SME)/Engineer to work in our Ft. Meade, MD office in an onsite capacity. ECS is seeking an ICAM SME/Engineer (ICAM SME/E) to support robust Impact Level (IL) 5 and IL6 programs in an operational DoD environment that houses multiple U.S. Coalition Mission Partner Environments (MPE). The ICAM SME/E will help clients understand emerging technical solutions relative to client policies and operational requirements and apply analytical and innovative strategies to develop solutions to address client needs. The candidate will contribute to technical artifacts and thought leadership for IAM tools relating to Credential Management, Public Key Infrastructure, Alternate Credentials, Directory Services, Authentication solutions, and ICAM integrations. This position is a demanding, high-energy role that requires innovative ideas to manage identities, credentials, and access across Mission Partner Environments (MPE). The ideal candidate has advanced technical acumen; essential soft skills, including analytical thinking, problem-solving, communication, and proven leadership abilities; and intellectual curiosity critical for analyzing ICAM needs and developing solutions to address them. The ICAM SME/Engineer reports to the Senior Technical Program Manager and collaborates closely with the Engineering team.

Requirements

U.S. Citizen.
Active Secret security clearance, with the ability to obtain a Top Secret security clearance.
Ability to work 5 days/week onsite at 6910 Cooper Ave, Ft. Meade, MD with the possibility of some telework.
Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related STEM (Science, Technology, Engineering and Mathematics) discipline.
10+ years of technical experience developing ICAM architectures and strategies with a wide array of products (e.g., Intercede MyID, SailPointIIQ, Okta, CyberArk, PKI).
Minimum DoD 8140 IAT Level 2 certification (e.g., CompTIA Security+, CySA+, GSEC, SSCP).
Strong PowerShell scripting experience.
Knowledge of: ADFS, Azure App Proxy, WPAD, and MFA technologies, especially Certificate Based Authentication (CBA).
Deep knowledge of Active Directory, including: Domain controller maintenance and upgrades GPO management DNS and core AD infrastructure
Experience with Entra ID (Azure AD), including: Application registrations and SSO onboarding Intune policy management DNS and core AD infrastructure
Understanding of PKI technologies (LDAP directories, HSMs, OCSP) and security best practices.
Experience working within large federal IT infrastructures.
Recent experience with deployment of identity and credential management solutions; knowledge of federal cybersecurity and zero trust policies, requirements and standards.
Strong understanding stakeholder requirements and expectations, system architecture, infrastructure build and documentation, configuration and deployment, as well as existing and emerging federal policy including HSPD-12 and NIST documents.
Exceptional analytical, problem-solving, and communication skills.
Strong decision-making ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
Proven ability to remain calm, decisive, and methodical under pressure.
Advanced proficiency with Microsoft Office tools and O365, including Word, Excel, PowerPoint, Teams, Outlook, and SharePoint.
Experience designing, implementing, and supporting ICAM solutions in Microsoft Azure cloud environments.

Responsibilities

Serve as the ICAM SME for Azure based DOD environments.
Implement, maintain, and optimize enterprise systems in alignment with organizational standards and SOPs.
Monitor and manage all installed systems, infrastructure, and directory services.
Configure, test, and maintain operating systems, application software, and system management tools.
Evaluate existing systems and provide technical guidance to IT support teams.
Lead the development and integration of customized software and hardware solutions.
Plan and implement automation to improve operational efficiency.
Design and maintain security controls to ensure data integrity and system protection.
Ensure high availability of technical resources and maintain accurate system inventories.
Provide timely reporting and rapid response to system issues or outages.
Support the development and enhancement of the client’s Enterprise Directory, including LDAP schema design, object classes, attributes, queries, and group structures.
Develop directory integration solutions across directory and database systems.
Configure and support enterprise Identity Management systems, including role based access, segregation of duties, workflow automation, and periodic access reviews.
Review and implement ICAM integration requirements with adherence to an organization’s mission, goals, and standards.
Experience working in client services environments and engaging with both business and technical stakeholders.
Prepare technical standards, provide technical advice and guidance, and collaborate with other programmers to conceptualize and develop design.
Demonstrated ability to write technical documentation, including product analysis, as-is/to-be architectures, and network and infrastructure diagrams.
Demonstrated experience in migration of ICAM technologies, including transitioning legacy applications to innovative and best of breed solutions.
Experience developing and briefing materials and executive summaries on ICAM architecture, implementation, and policy
Support security assessments, audits, and ATO activities, including documentation and control evidence related to ICAM.
Other duties, as assigned.