Security Engineer (ICAM Focus)
Role summary
The Security Engineer will focus on Identity, Credential, and Access Management (ICAM) solutions within cloud and enterprise environments. Responsibilities include implementing and enforcing security controls, monitoring identity systems, and ensuring compliance with federal standards and Zero Trust principles throughout the solution lifecycle. The role involves supporting the full lifecycle of ICAM capabilities, analyzing access events, responding to security incidents, and maintaining security documentation. A Bachelor's degree in a related field or equivalent experience, along with 4-7 years of relevant cybersecurity experience, is required. Familiarity with authentication protocols, access control models, and federal compliance frameworks is essential.
Security Engineer (ICAM Focus)
General Info:
Citizenship Required: US Citizenship
Clearance: Secret
Job Duration: Full Time
Site: Washington D.C. Metro Area
Travel: 5% or Less
Position Overview:
Support the implementation, security, and operation of Identity, Credential, and Access Management (ICAM) solutions across cloud and enterprise environments. Focus on enforcing security controls, monitoring identity systems, and ensuring compliance with federal standards and Zero Trust principles across the full solution lifecycle.
Responsibilities:
- Support implementation and enforcement of security controls for ICAM systems and services
- Assist in delivery of ICAM capabilities across the full lifecycle including configuration, deployment, and operational support
- Monitor and analyze identity and access events including authentication, authorization, and privileged access activities
- Identify and respond to security incidents and vulnerabilities related to identity systems
- Implement and support authentication mechanisms including MFA, SSO, and federation (SAML, OAuth, OpenID Connect)
- Validate effectiveness of access controls including RBAC, ABAC, and least privilege principles
- Support identity lifecycle processes including account provisioning, deprovisioning, and access reviews
- Conduct security assessments, control validation, and compliance checks
- Ensure alignment with federal security standards (NIST, FISMA, FedRAMP, FICAM, Zero Trust)
- Support audit readiness and ATO processes including documentation and evidence collection
- Collaborate with engineering and operations teams to ensure secure integration across systems and applications
- Develop and maintain security documentation, procedures, and technical artifacts
- Support continuous monitoring and improvement of ICAM security posture
Education and Experience Required:
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field (or equivalent experience)
- 4–7 years of relevant experience in cybersecurity, ICAM/IAM, or cloud security roles
- Experience implementing and supporting identity and access management solutions
- Familiarity with authentication and federation protocols (SAML, OAuth, OpenID Connect)
- Experience with identity platforms (Azure AD / Entra ID, AWS IAM, Okta, or similar)
- Experience with security monitoring, logging, and incident response
- Understanding of access control models (RBAC/ABAC) and identity lifecycle management
- Experience supporting compliance frameworks (NIST, FISMA, FedRAMP)
- Required certifications: CompTIA Security+ and/or vendor-specific (Microsoft, AWS) or cloud/DevOps certifications
Preferred Qualifications:
- Active Secret or Top Secret clearance
- Certifications such as CISSP, CCSP, AWS Security Specialty, Azure Security Engineer
- Experience supporting federal government environments
- Familiarity with Zero Trust Architecture (ZTA)
- Experience with IGA or PAM tools (SailPoint, Saviynt, CyberArk)
- Experience with SIEM tools (Splunk, Sentinel)
- Experience with DevSecOps and automation