Zero Trust; ZT Identity & Credential Management SME
Listed on 2026-06-17
IT/Tech
Cybersecurity, Information Security
ZERO TRUST (ZT) IDENTITY & CREDENTIAL MANAGEMENT SME POSITION OVERVIEW
The Zero Trust Identity Management Technical SME exists to serve as the agency's primary technical advisor for the CISA ZTMM v2.0 identity pillar. This role directly advances TSA's compliance with OMB M-22-09 phishing-resistant MFA requirements and EO 14028 identity modernization mandates by providing senior-level ICAM advisory that translates federal policy into concrete identity architecture recommendations. The expected outcome is a continuously advancing identity pillar maturity posture, with phishing-resistant authentication enforced, privileged access controlled, and identity posture signals integrated into cross-pillar ZT enforcement decisions.
This is a senior technical advisory role requiring hands‑on ICAM implementation experience, not policy familiarity alone.
- Serve as the primary technical advisor for the CISA ZTMM v2.0 identity pillar across identity architecture, authentication, and access management domains.
- Continuously assess the agency's IAM posture against CISA ZTMM v2.0 identity pillar criteria, OMB M-22-09, and NIST SP 800-63. Proactively surface emerging identity risk indicators and deliver real‑time advisory recommendations.
- Provide technical advisory guidance on phishing‑resistant MFA strategies, PIV/CAC enforcement, FIDO2 deployment, and enterprise IdP integration - recommending solutions and implementation pathways for agency decision‑making.
- Evaluate enterprise IAM/IdP platforms (e.g., Entra, Okta, Ping Identity) and provide configuration and enhancement recommendations aligned to ZT principles for agency adoption.
- Advise PAM strategies, RBAC/ABAC models, and least‑privilege enforcement aligned to NIST SP 800‑207; develop recommended solutions for agency review.
- Provide advisory support for the development and maturation of identity‑related entries in the Common Control Catalog (CCC), ensuring traceability to NIST SP 800‑53 rev. 5 control families.
- Develop recommended identity pillar inputs to the ZT roadmap, IG FISMA maturity reporting, and enterprise performance reporting for agency review and approval.
- Collaborate with device, network, and application SMEs to ensure identity‑based enforcement integrates coherently across all ZTMM pillars.
- Review identity‑related policy documents and SOPs; identify gaps relative to ZT mandates and develop recommended updates for agency concurrence.
- Support all identity‑related ZT data calls, audits, and compliance reporting by providing advisory analysis and recommended responses.
- Prepare and present technical findings, maturity assessments, and advisory recommendations to senior leadership and the CISO.
- Leverage AI‑assisted analysis tools, automation platforms, and prompt engineering techniques to enhance advisory productivity, accelerate gap analysis and documentation tasks, and enable focus on higher‑value technical advisory work; apply all AI capabilities in accordance with agency acceptable use policies and Zermount's ethical AI use guidelines.
- Expert‑level mastery of ICAM architecture and authentication engineering, including enterprise IAM/PAM/IdP design, phishing‑resistant MFA implementation (PIV/CAC enforcement, FIDO2 deployment), and federated identity frameworks, demonstrated through operational implementation experience rather than framework study.
- Authoritative knowledge of NIST SP 800-63, NIST SP 800-207 identity tenets, CISA ZTMM v2.0 identity pillar criteria, OMB M-22-09, and federal ICAM policy requirements; ability to independently interpret and apply evolving guidance.
- Expert‑level proficiency in enterprise IAM platforms including Entra (Azure AD), Okta, or equivalent; architecture and configuration design depth, not administrative use.
- Expert‑level knowledge of RBAC, ABAC, and PAM architectures to support Just Enough, Just In Time (JEJIT) access principles in federal environments; demonstrated ability to advise on least‑privilege policy design and privileged account governance.
- Independent decision‑making authority on identity…