ICAM Engineer - Technical Lead

6590 Judiciary Plaza Office Bldg Washington DC, United States

Leidos is looking for an ICAM Engineer Technical Lead to support a large U.S. Department of Justice (DOJ) program. The Antitrust Division of the U.S. Department of Justice (DOJ) is responsible for enforcing federal antitrust laws and promoting fair competition in the marketplace. The ICAM Engineer Technical Lead will be responsible for leading and overseeing the technical direction of the Identity, Credential, and Access Management (ICAM) infrastructure, with a focus on Active Directory, Azure Active Directory, and Okta solutions. You will leverage your deep expertise to design and implement best practices for identity governance, authentication, and access management, ensuring the systems remain secure, efficient, and scalable. This role requires leadership skills, technical proficiency, and the ability to collaborate across teams to deliver high-quality, secure identity solutions. This work is located onsite in the DC area.

Key Responsibilities:

  • Lead the design, implementation, and optimization of Active Directory (AD), Azure Active Directory (Azure AD), and Okta solutions for identity and access management (IAM).

  • Develop and implement best practices for user provisioning, authentication, and role-based access control (RBAC) across on-prem and cloud environments.

  • Design and configure Azure AD Connect and ensure seamless hybrid integration between on-prem AD and Azure AD environments.

  • Implement and manage Single Sign-On (SSO), Multi-Factor Authentication (MFA), and other access control mechanisms across various platforms and applications.

  • Develop workflows for automated user provisioning and de-provisioning using Okta and Azure AD.

  • Maintain and improve role-based access control (RBAC) and ensure effective user access lifecycle management across the enterprise.

  • Lead and manage the administration of Active Directory (both on-premises and hybrid models), including Group Policy Objects (GPOs), Trusts, DNS, and other AD services.

  • Oversee the Azure AD administration and configuration, including Azure AD Connect, Azure AD B2C, Conditional Access, and Identity Protection.

  • Ensure the performance, security, and availability of AD and Azure AD systems, including regular audits, patches, and updates.

  • Lead the configuration, integration, and support of Okta for user authentication, identity lifecycle management, and SSO capabilities.

  • Implement advanced features such as Adaptive MFA, Okta Lifecycle Management, and API Access Management.

  • Provide technical leadership and guidance to the ICAM team and cross-functional teams, ensuring that solutions align with best practices, compliance, and security standards.

  • Develop and execute security monitoring practices to track identity and access management logs, identify suspicious activity, and ensure proper incident response.

  • Lead discussions and provide recommendations on access control and identity management solutions for cloud applications, SaaS platforms, and legacy systems.

  • Create and maintain detailed documentation for ICAM architecture, configurations, policies, and procedures.

Qualifications:

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field with 12 years of relevant experience. Equivalent experience may also be considered.

  • 5+ years of hands-on experience in Identity and Access Management (IAM), with at least 3 years of experience focusing on Active Directory, Azure AD, and Okta.

  • Deep expertise in Active Directory administration, including Group Policy, AD Federation Services (ADFS), AD Trusts, and AD security best practices.

  • Proficiency with Azure AD including configuration of Azure AD Connect, Conditional Access, Identity Protection, and Azure AD B2C.

  • Experience with Okta Identity and Access Management, including integration, SSO, MFA, and lifecycle management.

  • Strong understanding of IAM concepts such as SSO, MFA, RBAC, IAM policies, and access governance.

  • Familiarity with IAM integration patterns and identity synchronization across on-premises and cloud environments.

  • Knowledge of relevant security and compliance standards such as GDPR, HIPAA, and SOC 2.

  • Familiarity with scripting and automation tools (e.g., PowerShell, Azure CLI, Okta APIs).

  • Ability to troubleshoot complex ICAM issues and provide effective solutions in a timely manner.

  • Strong communication and collaboration skills, capable of working with a diverse range of teams and stakeholders.

Desirable Skills:

  • Experience with advanced identity federation technologies such as SAML, OAuth, and OpenID Connect.

  • Knowledge of cloud platforms and their IAM services, particularly in AWS or Google Cloud.

  • Experience with IAM tools for governance, like SailPoint or Saviynt.

  • Familiarity with security incident response and auditing processes for IAM systems.

  • Certifications such as Microsoft Certified: Azure Solutions Architect Expert, Certified Information Systems Security Professional (CISSP), or Okta Certified Administrator are highly desirable.

Original Posting:

April 16, 2025

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

$112,450.00 - $203,275.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Tags: Active Directory APIs Audits Automation AWS Azure CISSP Cloud Compliance Computer Science DNS GCP GDPR Governance HIPAA IAM Incident response Monitoring Okta OpenID PowerShell SaaS SailPoint SAML Scripting SOC SOC 2 SSO

Perks/benefits: Equity / stock options

Region: North America
Country: United States
