Identity Protection and Management Analyst

Foxhole Technology, Inc.

15h•Onsite

About The Position

The Identity Protection and Management Analyst supports the Cybersecurity Center’s mission to enhance and sustain identity protection and management services in accordance with DoD Instruction (DoDI) 8520.02 and DoDI 8520.03. This role is responsible for administering and safeguarding identity, credential, and access management (ICAM) services that protect and defend DoDIN networks in both Unclassified (NIPRNet) and Classified (SIPRNet) environments. The Analyst ensures secure Public Key Infrastructure (PKI) operations, hardware token management, role coordination, compliance with Certificate Practice Statements (CPS), and implementation of Zero Trust (ZT) principles.

Requirements

3+ years or progressive experience supporting DoD PKI, ICAM, or Identity Protection programs.
IAT II Certification to include: Security+, CCNA-Security, CySA+, GICSP, GSEC, CND, SSCP
Knowledge of DoDI 8520.02 and DoDI 8520.03 requirements.
Experience serving in RA, LRA, KRA, or Trusted Agent roles.
Familiarity with NIPRNet and SIPRNet environments.
Understanding of Certificate Practice Statements (CPS) and Registration Practice Statements (RPS).
Experience implementing Zero Trust principles in identity and certificate management processes.
Strong documentation, reporting, and metrics tracking skills.
Ability to support audits and maintain compliance artifacts.

Responsibilities

Serve as Registration Authority (RA), Local Registration Authority (LRA), and Key Recovery Agent (KRA) in support of DCMA components.
Process requests for DoD and National Security Systems (NSS) PKI certificates, including issuance, revocation, and key recovery.
Provide RA, LRA, and Key Recovery services in accordance with applicable DCMA/DoD Certificate Practice Statements (CPS) for NIPRNet and SIPRNet environments.
Issue and manage hardware tokens (GFE), application certificates, Alternate Logon Tokens, SIPRNet Tokens, Non-Person Entity (NPE) certificates, Code Signing Certificates, and other required certificates.
Establish, maintain, and execute Standard Operating Procedures (SOPs) within 90 calendar days of contract award, with annual reviews and updates.
Incorporate Zero Trust principles into SOPs, including strong user authentication, least privilege access, and continuous monitoring for suspicious activity.
Support NIPRNet and SIPRNet Hardware Token Services and coordinate assignment and administration of Trusted Agents (TAs).
Report token actions and CPR activity metrics via monthly and annual reports.
Maintain inventory and lifecycle oversight of CPR IT assets, locations, and authorized operators.
Provide technical support to field personnel and develop installation procedures.
Create and maintain an artifacts repository and dashboard for audits and supporting documentation.
Coordinate with the Government civilian RA for assignment and administration of DCMAIT Trusted Agents (TAs).
Establish and maintain SOPs for Trusted Agents with annual validation.
Develop, execute, and track TA training programs with annual refresher requirements using approved collaboration tools (e.g., GVS, MS Teams).
Maintain audit-ready documentation and dashboards supporting compliance and oversight activities.