Junior Identity, Credential and Access Management (IAM) Engineer

This is a fully remote position, open to applicants in Virginia.

📋 Description

• Implement Identity, Credential, and Access Management (ICAM) solutions to facilitate PIV, Certificate-Based Authentication, and FIDO 2.

• Design and develop a secure and resilient enterprise identity and access management framework.

• Oversee the installation, customization, configuration, and support of the SailPoint Identity and Access Management tool and its associated processes, including automated provisioning and deprovisioning to downstream applications.

• Facilitate and support the integration of ICAM with business applications and third-party services, including enabling and managing Single Sign-On.

• Collaborate with customers to establish organizational structures, naming conventions, and user access roles.

• Assist in developing processes and workflows to support ICAM operational activities, such as user onboarding, lifecycle management, and privileged access management.

• Provide support for the integration of an Enterprise Public Key Infrastructure (PKI) solution.

• Engage with and advise business stakeholders on best practices in Identity and Access Management.

• Define, enhance, and support Active Directory, Azure Active Directory, and Privileged Access Management initiatives within the organization.

• Identify opportunities for delivering automated solutions (e.g., onboarding and offboarding) and improving existing processes through scripting.

⛳️ Requirements

• BA/BS degree plus 7 years of relevant experience; AA degree plus 12 years of relevant experience; MA degree plus 7 years or 16 years of experience without a degree.

• Proven experience and expertise in developing SailPoint IDAM solutions.

• Background in the Identity space with experience in Active Directory or similar LDAP directories.

• In-depth knowledge of HSPD12 and the implementation of government smart card authentication.

• Expert-level understanding of authentication protocols including SAML, OAuth, OpenID, WSO2, and Kerberos.

• Prior experience in providing Role-Based Access Control (RBAC) solutions for cloud platforms (e.g., Azure).

• Strong scripting and automation skills, particularly with PowerShell.

• Familiarity with Microsoft Azure Privileged Identity Management (PIM), Access Review, Service Principals, Managed Identities, and Attribute-Based Access Control (ABAC).

• Extensive knowledge of enterprise PKI integration utilizing SCEP and ACME clients.

• Experience in creating technical architecture documentation.

• Excellent communication and writing skills.

🏝️ Benefits

• Healthcare

• Wellness programs

• Financial support

• Retirement plans

• Family support initiatives

• Continuing education opportunities

• Paid time off benefits