Identity and Access Management Engineer Hybrid in Horsham, PA

About The Position

Requirements

• 5+ years of experience in security engineering, with 3+ years in IDAM-related role
• Strong knowledge of Zero Trust Architecture principles and implementation methodologies
• Proficiency with federation and SSO protocols (SAML, OAuth 2.0, OIDC, SCIM, LDAP, Kerberos)
• Experience with directory services (Active Directory, Azure AD, LDAP) and privileged access management (PAM) solutions
• Demonstrated ability to design and implement enterprise-level IDAM architectures with minimal supervision
• Understanding of federal cybersecurity frameworks and compliance requirements (NIST, OMB, FISMA, FedRAMP)
• Excellent communication skills and ability to collaborate effectively with technical and non-technical stakeholders
• Excellent problem-solving experience involving leading teams in identifying, researching and coordinating the resources necessary to effectively troubleshoot/diagnose complex project issues
• Experience with automation, scripting, and orchestration (PowerShell, Python, Terraform, Ansible).

Nice To Haves

• Relevant certification, such as CISSP, CISM, Azure Security Engineer Associate, CISM, a plus

Responsibilities

• Architect, design, and implement enterprise Identity, Credential, and Access Management (ICAM) solutions in alignment with Zero Trust principles.
• Develop and maintain IDAM frameworks, policies, and controls ensuring compliance with federal security standards (e.g., NIST SP 800-53, 800-63, FIPS 201, OMB M-22-09).
• Integrate identity services across cloud, on-premises, and hybrid environments — including Active Directory, Azure AD, and similar technologies.
• Manage and administer daily activities and requests across the organization, such as new starters, transfers, leavers and providing access to numerous corporate systems or environments in accordance with company policies and procedures
• Serve as a technical advisor and subject matter expert (SME) for authentication, authorization, and identity federation strategies.
• Design and implement role-based access control (RBAC), attribute-based access control (ABAC), and policy-based access frameworks to enforce least privilege.
• Lead initiatives to modernize legacy access systems toward Zero Trust and passwordless architectures.
• Collaborate with network, endpoint, and application security teams to ensure cohesive, identity-driven defense strategies.
• Conduct threat modeling, risk assessments, and architecture reviews to evaluate identity system vulnerabilities and recommend mitigations.
• Support compliance and accreditation activities under FedRAMP, RMF, and FISMA programs.
• Mentor junior engineers and contribute to developing secure engineering best practices.
• All other duties as assigned

Benefits

• Health Benefits: Comprehensive, multi-carrier program for medical, dental and vision benefits
• Retirement Benefits: 401(k) with match and an Employee Share Purchase Plan
• Wellbeing: Wellness platform with incentives, Headspace app subscription, Employee Assistance and Time-off Programs
• Short-and-Long Term Disability, Life and Accidental Death Insurance, Critical Illness, and Hospital Indemnity
• Family Benefits, including bonding and family care leaves, adoption and surrogacy benefits
• Health Savings, Health Care, Dependent Care and Commuter Spending Accounts
• Up to two days of paid leave each to participate in Employee Resource Groups and to volunteer with your charity of choice