Senior Identity Engineering Services (R&D Specialist)

Location: DHA locations in and around San Antonio, TX

Clearance Required: Public Trust (ADP/IT-II); Tier 3 Investigation (NACLC) 

The IdM R&D Engineer is a senior-level technical professional responsible for the design, development, and support of identity and access management solutions across the DHA enterprise. This role includes engineering support for Active Directory, Public Key Infrastructure (PKI), Privileged Access Management (PAM), Cryptographic Key Management, and other security-focused identity services. The engineer ensures systems comply with DoD directives, DISA STIGs, and DHA architectural standards.

Key Responsibilities:

• Design, document, and implement standardized, compliant, and forward-looking solutions for identity, access, and credential management, including PKI, PAM, and cryptographic key management.
• Engineer and maintain directory services architectures including Active Directory Domain Services (ADDS), Active Directory Lightweight Directory Services (ADLDS), and Secure DNS integrated with the latest DHA server baselines and DISA STIGs.
• Update and sustain the mJAD Architecture & Design Document and related engineering packages.
• Engineer and support the DHA PKI infrastructure in alignment with DoDI 8520.02, including CA migration, Middleware (e.g., ActivIdentity), and Validator Suites (e.g., Axway).
• Maintain PKI Certificate Validation Suites and support certificate issuance across LAN/WLAN and Med-COI systems.
• Engineer identity management solutions to manage users, groups, and assets across hybrid on-prem and cloud environments, enforcing policy-based access to systems, SaaS, and resource partners.
• Develop identity and authentication architectures compliant with DoD Enterprise ICAM Reference Design and DoDI 8520.03.
• Deliver identity automation, alerting, reporting, and enforcement policies to meet MHS operational and security requirements.
• Engineer PKE solutions enabling X.509 certificate usage across MHS applications, ensuring integration with PKI for authentication, confidentiality, data integrity, and non-repudiation.
• Provide engineering support for certificate-enabled applications such as ActivClient and Axway Desktop Validator.
• Research, design, and test system-level and embedded software solutions, including network distribution platforms and compilers.
• Apply computer science, engineering, and mathematical analysis to develop scalable, secure software architectures for MHS systems.

Preferred Tools & Technologies:

• Microsoft Active Directory, ADLDS, DNS
• DoD PKI / Internal Medium Assurance (IMA)
• ActivIdentity ActivClient, Axway Validator Suites
• DoD ICAM Reference Architecture
• PowerShell, LDAP, X.509 certificate utilities
• Remedy Ticketing System
• Microsoft Server Operating Systems
• DoD STIGs, DoDI 8520.02 / 03

Education & Certification Requirements (per DoD 8140 Qualification Matrices)

1) Microsoft Certified: Cyber Security Architect Expert or Azure Solutions Architect Expert

2) Any of the following...

• Academic Education: Bachelor’s degree in information technology, Cybersecurity, or a related discipline.
• OR Baseline: GCLD or CCE or CASP+ or CEH or GLSC or CISSP