Junior Identity, Credential and Access Management (IAM) Engineer

This is a fully remote position, open to applicants in Virginia.

📋 Description

• Develop and implement Identity, Credential, and Access Management (ICAM) solutions to facilitate PIV, Certificate-Based Authentication, and FIDO 2.

• Design and construct a secure, resilient enterprise identity and access management framework.

• Oversee the installation, customization, configuration, and support of the SailPoint Identity and Access Management tool and its associated processes. This includes automated provisioning and deprovisioning for downstream applications.

• Enable and manage ICAM integration with business applications and third-party systems, including facilitating Single Sign-On (SSO).

• Work closely with clients to establish organizational structures, naming conventions, and user access roles.

• Support the development of workflows and processes that enhance ICAM operational activities, such as user onboarding, lifecycle management, and privileged access management.

• Assist in the integration of an Enterprise Public Key Infrastructure (PKI) solution.

• Engage with and provide guidance to business stakeholders on best practices in Identity and Access Management.

• Define, enhance, and maintain Active Directory, Azure Active Directory, and Privileged Access Management within the organization.

• Identify opportunities for delivering automated solutions (e.g., onboarding and offboarding) and for improving existing processes through scripting.

⛳️ Requirements

• Must be able to obtain Department of Homeland Security (DHS) Entry On Duty (EOD) – Active EOD is preferred.

• Bachelor’s degree (BA/BS) with 10 years of relevant experience; Associate degree (AA) with 12 years of relevant experience; Master’s degree (MA) with 7 years of experience or 16 years of experience without a degree.

• Proven experience and expertise in developing SailPoint IDAM solutions.

• Background in Identity Management with experience in Active Directory or similar LDAP directories.

• In-depth knowledge of HSPD12 and the implementation of government smart card authentication.

• Expert understanding of authentication protocols such as SAML, OAuth, OpenID, WSO2, and Kerberos.

• Previous experience in delivering Role-Based Access Control (RBAC) solutions for cloud platforms (e.g., Azure).

• Strong scripting and automation skills, particularly with PowerShell.

• Familiarity with Microsoft Azure Privileged Identity Management (PIM), Access Reviews, Service Principals, Managed Identities, and Attribute-Based Access Control (ABAC).

• Comprehensive knowledge of enterprise PKI integration, including SCEP and ACME clients.

• Experience in creating technical architecture documentation.

• Excellent verbal and written communication skills.

🏝️ Benefits

• Healthcare

• Wellness programs

• Financial benefits

• Retirement plans

• Family support initiatives

• Continuing education opportunities

• Time-off benefits