Cloud Engineer, ICAM Focus

General Info

• Citizenship Required: US Citizenship
• Clearance: Secret
• Job Duration: Full Time
• Site: Washington D.C. Metro Area
• Travel: 5% or Less

Position Overview

Support the design, development, deployment, and operation of cloud-based Identity, Credential, and Access Management (ICAM) solutions across the full solution lifecycle. This role focuses on implementing and maintaining secure, scalable identity services within cloud and hybrid environments, ensuring alignment with federal standards and Zero Trust principles.

Responsibilities

• Support delivery of ICAM solutions across the full lifecycle including planning, development, configuration, deployment, and operational support
• Implement and maintain cloud-based identity services (e.g., Azure AD, AWS IAM, Okta)
• Configure and support authentication and authorization mechanisms including SSO, MFA, and federation (SAML, OAuth, OpenID Connect)
• Integrate ICAM solutions with enterprise applications, APIs, and directories
• Develop and maintain infrastructure-as-code (IaC) and automation for identity services
• Support identity lifecycle processes including provisioning, deprovisioning, and access governance
• Assist with MVP delivery, testing, and full deployment of ICAM capabilities
• Troubleshoot and resolve identity-related issues across cloud and hybrid environments
• Support development of technical documentation, user guides, and training materials
• Assist with user adoption and change management activities
• Ensure compliance with federal security standards (NIST, FISMA, FedRAMP, Zero Trust)
• Monitor system performance and support continuous improvement and optimization
• Collaborate with cross-functional teams to ensure secure system integration and interoperability

Education and Experience Required

• Bachelor’s degree in Computer Science, Information Systems, or related field (or equivalent experience)
• 5–9 years of experience in cloud engineering, ICAM/IAM, or cybersecurity roles
• Hands‑on experience with cloud platforms (AWS, Azure, or GCP)
• Experience with identity and access management technologies including Azure AD / Entra ID, AWS IAM, Okta, or similar
• Experience with federation protocols (SAML, OAuth, OpenID Connect)
• Experience with automation and scripting (Python, PowerShell, Terraform, ARM templates)
• Experience supporting enterprise system integration
• Understanding of identity lifecycle management and access controls (RBAC/ABAC)
• Familiarity with DevSecOps practices and CI/CD pipelines

Preferred Qualifications

• Active Secret or Top Secret clearance
• Certifications such as AWS Certified Solutions Architect, Azure Administrator/Engineer, Security+
• Experience supporting federal government environments
• Familiarity with Zero Trust Architecture (ZTA)
• Experience with IGA or PAM tools (SailPoint, Saviynt, CyberArk)
• Experience with API security and microservices architectures