ICAM Engineer

Gridiron IT is seeking a Senior System Engineer to work on our Identity, Credential and Access team (ICAM) Team in Springfield, VA. The qualified SME will be required to be proficient with PowerShell to design and develop new scripts to improve administration, update existing scripts with new methods and/or efficiencies, and convert existing scripts in other languages (e.g., VB Script, C#) to PowerShell where necessary. Active DoD secret clearance required.

You Will:

• Perform complex ICAM systems development and design work that may include data modelling, cost projections, software architecture analysis, and technical design.
• Assess, synthesize, and document customer ICAM business requirements
• Align ICAM project goals and objectives with the business mission
• Provide enterprise systems engineering guidance, systems security technical guidance, expert technical advice, technology assessments (research and proof-of-concepts), acquisition analysis (AoAs), and independent technical reviews
• Participate in enterprise boards such as Technical Review and Change Control Boards
• Perform systems process and data modeling, simulation, and analysis
• Review completion and implementation of ICAM system changes and makes recommendations to the customer
• Plans and directs upgrades and other changes to ICAM software and related systems
• Develop documentation on new or existing systems
• Develop and direct tests to ensure systems meet documented user requirements
• Identify, analyze, and resolve system problems
• Provide system/equipment/specialized training and technical guidance
• Determine system specifications, input/output processes, and working parameters for hardware/software compatibility
• Provide guidance and work leadership to less-experienced systems engineers and may have supervisory responsibilities
• Serves as liaison with clients, participating in meetings to ensure client needs are me
• Work independently, as well as a member of a Team.
• Provide a high level of customer service through comprehensive communication and professionalism.

You Have:

• US Citizenship
• An active DoD secret clearance
• Hands on experience and expertise from previous engagements in designing and deploying ICAM programs for large scale enterprise customers
• A Bachelor's Degree in relevant studies or equivalent career development (4+ years) in addition to practical experience with core competencies.
• Combination of 10+ years' in information security & engineering experience
• Solid understanding of cyber landscape + typical threat vectors
• DoD 8570 approved IAT Level III or IAM Level II certifications such as CISSP, CISA, CSEIP, or equivalent, or the ability to obtain appropriate certification within 90 days of hire.
• Background and knowledge of the common industry service offerings within ICAM technologies
• Expert experience integrating cloud-based identity management across cloud and on-premises domains
• Detailed knowledge of directory services, including LDAP, Active Directory, ADFS, Azure AD, AWS IAM, AWS Cognito, and Azure Domain Services
• Demonstrated expertise in implementing cross-domain Claims-Based authentication frameworks
• Expertise on production, enterprise scales with authentication/authorization /identity management solutions such as Active Directory, VMware Identity Management, OAuth, OpenID, SAML, and Identity Federations
• Experience with enterprise automation, DevOPS, and Continuous Integration pipelines
• Core competencies in the various IaaS, SaaS, and PaaS services offered by major cloud service providers such as Microsoft Azure and Amazon AWS.
• Familiarity with data analytics, cloud, virtualization, remote access, and mobile technologies
• Experience with object-oriented programming in high-level scripting languages such as Python, PowerShell, JavaScript, Bash, etc.
• Database setup and integration, both relational and NoSQL (Oracle DB, MySQL, Mongo DB, AWS Dynamo DB)

Nice to Have:

• Active qualifying DoD approved certification listed above.
• Experience in the detailed plan, design, and execution of complex, cross-domain enterprise identity management solutions.
• Ability to apply knowledge in secure environments, without access to internet reference-material.
• Thorough understanding of technical systems architecture; able to "dive deep" to determine root cause of issues across technical domains.
• Clear understanding of encryption concepts, tools, and protocols, such as certificate management, TLS implementations, ciphers and hashes, and others.
• Knowledge and experience with NIST Risk Management Framework.
• Ability to define and articulate the "big picture" long-term vision for the associated technologies, and develop short term plans to achieve it
• Self-Motivated, strong work ethic and commitment to quality
• A passion for learning about, and working in the IT industry