ICAM Specialist - Remote

About The Position

Requirements

• Technical Training, Certificate, or Degree required; Bachelor's Degree in Computer Science, Computer Programming, Computer Engineering or relevant computer-based major strongly preferred
• 10+ years of related experience in information systems, with 8+ years of that experience in identity and access management, including 5+ years in cloud-based federal environments
• Strong knowledge of identity federation protocols (SAML, OAuth2.0, OIDC, SCIM) and modern authentication flows
• Hands-on experience with AWS Cognito, Azure AD, Okta, Keycloak or PingFederate for SSO and MFA implementations
• Expertise with RBAC/ABAC frameworks, policy-based access control, and least-privilege enforcement
• Familiarity with NIST 800-63, FISMA, FedRAMP, and ZTA standards and compliance frameworks
• Experience implementing ICAM solutions in Agile and DevSecOps environments
• Working knowledge of PKI, digital certificates, and encryption technologies.
• Strong analytical and troubleshooting skills with ability to resolve identity integration issues
• Bachelor’s or Master’s degree in Cybersecurity, Information Systems, or related discipline
• Excellent presentation and communication skills
• Consultant mindset with the ability to work with high level customer stakeholders and build excellent customer relationships
• Experience identifying and applying industry tools, solutions, methods best practices, and emerging technologies
• Strong analytical skills and problem-solving skills with the ability to formulate and communicate recommendations for improvement
• Demonstrated ability to work effectively, independently, and as part of a team
• Certified Information Systems Security Professional (CISSP)
• Ability to pass a background check to obtain and maintain a position of Public Trust with the Administrative Office of the US Courts
• Must be a US Person (Green Card Holder, US Permanent Resident Alien, Refugee, Asylee, US Citizen)

Nice To Haves

• Experience supporting federal digital modernization or judiciary IT programs.
• Knowledge of AWS IAM, KMS, CloudTrail, and integration of ICAM with containerized workloads (ECS, EKS)
• Familiarity with Zero Trust Architecture and microsegmentation principles
• Exposure to API gateway authentication (Kong, Apigee, AWS API Gateway)
• Experience integrating identity governance tools (SailPoint, Saviynt)
• AWS Certified Security – Specialty or Azure Identity & Access Administrator – strongly preferred
• Certified Identity and Access Manager (CIAM) or Certified Identity Professional (CIP) – preferred
• SAFe Practitioner (SPC/SSM) – preferred

Responsibilities

• Design and maintain the ICAM architecture for identity, access, and authentication management across AWS-hosted CMM applications
• Implement federated identity and single sign-on (SSO) solutions using modern protocols (SAML, OAuth2.0, OIDC)
• Integrate Multi-Factor Authentication (MFA) and role-based access control (RBAC) mechanisms within enterprise systems
• Collaborate with Cloud and Security Architects to enforce Zero Trust Architecture (ZTA) across microservices and APIs
• Configure and maintain directory services and identity providers (e.g., AWS Cognito, Azure AD, Ping, Okta)
• Support ICAM compliance assessments, ensuring adherence to FISMA, NIST 800-63, and FedRAMP security controls
• Develop and document identity lifecycle management processes—provisioning, deprovisioning, and access reviews
• Conduct access audits, user entitlement reviews, and anomaly detection to ensure least-privilege compliance
• Provide subject matter expertise in identity federation, PKI, certificate management, and secure API authorization
• Collaborate with DevSecOps teams to embed ICAM policies within CI/CD pipelines and Infrastructure-as-Code (IaC) templates

Benefits

• Comprehensive benefits and wellness packages
• 401K with company match
• Competitive pay and paid time off
• Full flex work weeks where possible
• A variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave
• 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year
• Paid leave and paid holidays are prorated based on the employee’s date of hire
• The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees
• Short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance