Description:
Leidos is seeking a talented Lead ICAM Engineer to join our team supporting a significant program for the U.S. Department of Justice (DOJ). The DOJ's Antitrust Division plays a pivotal role in enforcing federal antitrust laws and promoting fair competition. In this role, you will drive the technical direction of our Identity, Credential, and Access Management (ICAM) infrastructure, focusing on Active Directory, Azure Active Directory, and Okta solutions. You will utilize your extensive expertise to design and implement top-tier identity governance, authentication, and access management practices, ensuring our systems are secure, efficient, and scalable. This position is located onsite in the DC area.
Key Responsibilities:
- Lead the design, implementation, and optimization of Active Directory (AD), Azure Active Directory (Azure AD), and Okta solutions for identity and access management (IAM).
- Develop and implement best practices for user provisioning, authentication, and role-based access control (RBAC) across both on-premises and cloud environments.
- Design and configure Azure AD Connect to ensure seamless hybrid integration between on-prem AD and Azure AD environments.
- Implement and manage Single Sign-On (SSO), Multi-Factor Authentication (MFA), and other access control mechanisms for various platforms and applications.
- Develop workflows for automated user provisioning and de-provisioning using Okta and Azure AD.
- Maintain effective role-based access control (RBAC) and user access lifecycle management across the enterprise.
- Oversee the administration of Active Directory, including managing Group Policy Objects (GPOs), Trusts, DNS, and other AD services.
- Manage Azure AD administration and configuration, including Azure AD Connect, B2C, Conditional Access, and Identity Protection.
- Ensure the performance, security, and availability of AD and Azure AD systems through regular audits, patches, and updates.
- Lead the configuration, integration, and support of Okta for user authentication, identity lifecycle management, and SSO capabilities.
- Implement advanced features like Adaptive MFA, Okta Lifecycle Management, and API Access Management.
- Provide technical leadership and guidance to the ICAM team and collaborate with cross-functional teams to ensure solutions align with best practices and compliance standards.
- Develop security monitoring practices to track IAM logs, identify suspicious activity, and implement proper incident response protocols.
- Lead discussions on access control and identity management solutions across cloud applications, SaaS platforms, and legacy systems.
- Create and maintain comprehensive documentation for ICAM architecture, configurations, policies, and procedures.
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field with a minimum of 12 years of relevant experience; equivalent experience may also be considered.
- 5+ years of hands-on experience in IAM, with at least 3 years focusing specifically on Active Directory, Azure AD, and Okta.
- Deep expertise in Active Directory administration, including Group Policy, AD Federation Services (ADFS), Trusts, and AD security best practices.
- Proficiency with Azure AD, particularly configuring Azure AD Connect, Conditional Access, Identity Protection, and Azure AD B2C.
- Experience with Okta IAM, including integration, SSO, MFA, and lifecycle management.
- Strong understanding of IAM concepts such as SSO, MFA, RBAC, IAM policies, and access governance.
- Familiarity with IAM integration patterns and identity synchronization between on-premises and cloud environments.
- Knowledge of relevant security and compliance standards such as GDPR, HIPAA, and SOC 2.
- Familiarity with scripting and automation tools (e.g., PowerShell, Azure CLI, Okta APIs).
- Ability to troubleshoot complex ICAM issues and deliver effective solutions efficiently.
- Excellent communication and collaboration skills, with the capacity to work alongside a diverse range of teams and stakeholders.
Desirable Skills:
- Experience with advanced identity federation technologies such as SAML, OAuth, and OpenID Connect.
- Knowledge of cloud platforms and their IAM services, especially AWS or Google Cloud.
- Experience with governance tools like SailPoint or Saviynt.
- Familiarity with security incident response and auditing processes for IAM systems.
- Certifications such as Microsoft Certified: Azure Solutions Architect Expert, Certified Information Systems Security Professional (CISSP), or Okta Certified Administrator are highly desirable.
Original Posting: April 16, 2025
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date.
Pay Range: $112,450.00 - $203,275.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include responsibilities of the job, education, experience, knowledge, skills, and abilities, along with internal equity, alignment with market data, and other applicable standards.