Senior ICAM Engineer

Serves as the hands-on technical lead for ICAM engineering, integration, onboarding, and operational delivery across enterprise, cloud, coalition, and mission environments. This role leads the implementation, configuration, troubleshooting, sustainment, and modernization of Zero Trust identity and access management services including authentication, authorization, federation, identity governance, privileged access management, and enterprise application integration capabilities aligned to DoD, FICAM, NIST, and Intelligence Community standards and frameworks.

The Lead ICAM Engineer is responsible for driving technical execution across the full ICAM lifecycle, including platform integration, application onboarding, federation engineering, claims transformation, provisioning automation, deployment automation, operational transition, and production sustainment. The role requires hands-on engineering leadership supporting enterprise ICAM modernization efforts across cloud-hosted, hybrid, multi-domain, and mission partner environments.

Primary Responsibilities

* Work with senior leadership, customers, application owners, security teams, mission partners, and operations personnel to plan and execute ICAM engineering and integration activities using Agile methodologies.

* Lead hands-on configuration, integration, troubleshooting, and sustainment of ICAM platforms including Okta, Ping Federate, SailPoint, Delinea, Radiant Logic, Hashi Corp, Corsha, Keycloak, Microsoft Entra , and related identity and access management technologies.

* Implement and maintain authentication, authorization, federation, identity governance, privileged access management, and application onboarding capabilities supporting Zero Trust and FICAM-aligned enterprise architectures.

* Lead integration and onboarding of legacy, cloud-native, SaaS, mission, and coalition applications into enterprise ICAM services.

* Troubleshoot federation, authentication, claims mapping, token transformation, provisioning, entitlement, and access control issues across enterprise and mission environments.

* Develop and maintain implementation procedures, onboarding standards, deployment documentation, operational engineering practices, and sustainment processes supporting ICAM delivery.

* Configure and integrate SAML 2.0, OIDC, OAuth 2.0, SCIM, REST APIs, PKI, CAC/PIV, MFA, and passwordless authentication technologies.

* Support implementation of RBAC, ABAC, context-aware access control, device posture validation, and risk-based authentication capabilities.

* Implement and maintain Dev Sec Ops  pipelines, infrastructure-as-code, deployment automation, and configuration management processes supporting ICAM services.

* Support integration of ICAM services across cloud, enterprise, hybrid, and multi-domain mission environments including AWS, Gov Cloud, IL5/IL6, and classified systems where applicable.

* Provide hands-on engineering support during testing, deployment, operational transition, incident response, troubleshooting, and production sustainment activities.

* Develop and present integration artifacts, implementation plans, deployment procedures, technical briefings, and operational status updates to internal and external stakeholders.

* Guide engineering teams in implementing scalable, secure, and operationally sustainable ICAM capabilities aligned to mission objectives.

* Serve as the technical lead for ICAM engineering, federation integration, application onboarding, and operational delivery activities while mentoring junior engineers.

* Recognized as a trusted technical leader for enterprise ICAM modernization, Zero Trust implementation, and mission integration.

Required Qualifications

* Active DoD Secret Clearance or higher.

* Typically requires BS degree and 12+ years relevant experience. Additional experience may be considered in lieu of degree.

* Experience with IdAM / ICAM delivery systems, authentication, authorization, federated identity management, identity governance, entitlement management, privileged access management, attributes, and digital policy management.

* Hands-on experience integrating and troubleshooting enterprise identity providers, federation services, MFA platforms, provisioning systems, and application onboarding solutions.

* Experience configuring and supporting SAML 2.0, OIDC, OAuth 2.0, SCIM, REST APIs, CAC/PIV, PKI, MFA, token-based authentication, and claims transformation technologies.

* Experience with security accreditation processes and implementation of identity-related security controls supporting DoD environments.

* Experience architecting, implementing, and sustaining enterprise cloud-hosted ICAM services within AWS or comparable cloud environments using infrastructure-as-code and automation concepts.

* Understanding of Zero Trust architecture, federation, RBAC, ABAC, risk-based authentication, context-aware access, and cloud-native security principles.

* Experience supporting application onboarding and federation integration across enterprise,…