Description
SAIC is seeking a highly skilled and motivated? ICAM Architect ?to design, implement, and optimize advanced? Identity, Credential, and Access Management (ICAM) ?solutions for a mission-critical enterprise IT environment. This position will support our MAJESTIC Joint Program Office (JPO) Team and requires an experienced professional with in-depth knowledge of ICAM architecture and compliance with federal identity and access management standards, such as? FICAM ?and? Zero Trust Architecture ?principles.
As the ICAM Architect, you will lead efforts to develop secure, scalable, and interoperable identity systems. The role requires expertise in integrating identity and access control solutions across on-premises, hybrid, and cloud environments. The ICAM Architect will collaborate with cross-functional teams to enforce proper access controls, enhance system security, and align with mission priorities, ensuring only properly credentialed individuals have access to critical resources.
All work must be performed on-site in? Springfield, VA .
Key Responsibilities:
Design and implement ICAM architectures that align with mission needs, Zero Trust principles, and compliance with FICAM.
Develop workflows for identity lifecycle management, including provisioning, deprovisioning, and secure credentialing (e.g., PKI, PIV, CAC).
Integrate on-premises, hybrid, and cloud identity solutions, leveraging technologies like SAML, OAuth, OpenID Connect, and LDAP.
Deploy and manage SSO, MFA, and Privileged Access Management (PAM) solutions to enhance authentication and access security.
Optimize secure access to applications and resources by designing RBAC/ABAC models and automating workflows with tools like Ansible, Terraform, or PowerShell.
Monitor identity systems using tools like Splunk or other SIEM platforms to detect and respond to threats and anomalies.
Collaborate with cross-functional teams to ensure seamless integration of ICAM systems into broader IT environments.
Provide technical briefings, metrics, and status updates for leadership while maintaining comprehensive technical documentation.
Qualifications
Education:
Bachelor's Degree
Certifications (CWF Requirements):
Candidates must satisfy Cybersecurity Workforce Framework (CWF)? ID 4 43 (Network Analyst - Intermediate Level) ?requirements, as outlined by?Navy COOL (https://www.cool.osd.mil/usn/cswf/index.html?CWFModel) .
This requirement can be met by possessing one or more of the following qualifying certifications:
CompTIA Cloud+ CompTIA Security+ GIAC Global Industrial Cyber Security Professional (GICSP)
GIAC Security Essentials Certification (GSEC)
Systems Security Certified Practitioner (SSCP)
OR This requirement can be met through:
A? Bachelor's Degree ?in Cybersecurity, Computer Science, IT, or a related field.
Experience:
10 -15 years ?of professional experience managing and supporting enterprise-level?IT environments.
Technical Skills:
Deep expertise in identity federation, authentication, and authorization protocols (e.g., SAML, OAuth, OpenID Connect, Kerberos).
Hands-on experience with Active Directory, Azure Active Directory, LDAP, and PKI-based systems.
Proficient in designing and implementing Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) models for secure enterprise systems.
Skilled in deploying and managing Single Sign-On (SSO) and Multi-Factor Authentication (MFA) using tools like Okta, Duo, or Ping Identity.
Experienced with monitoring and detecting anomalies using identity analytics tools and SIEM platforms like Splunk.
Strong background in scripting and workflow automation using tools such as PowerShell, Bash, or Terraform to enhance ICAM processes.
Preferred Certifications (In Addition to CWF Requirements):
Certified Information Systems Security Professional (CISSP) or equivalent.
Microsoft Certified: Security, Compliance, and Identity Fundamentals.
Vendor-specific certifications for identity tools such as ForgeRock, Okta, Ping Identity, or SailPoint.
Experience establishing ICAM within a Zero Trust Architecture (ZTA) framework.
Clearance Requirement:
Active? TS/SCI ?clearance with the ability to obtain and maintain a? TS/SCI with Poly .
Work Environment and Notes:
On-Site Work: ?All work must be conducted? on-site ?in Springfield, VA.
Program Scope: ?Supports on-premises enterprise IT environments, including virtualized Windows servers, MS SQL Server databases, and networking layers.
Subcontractor Role: ?Responsibilities and compensation vary based on the subcontract agreement, with a competitive salary aligned to market rates and role-specific requirements.
REQNUMBER: 2611686
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong driven by mission, united purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see Working at SAIC. EOE AA M/F/Vet/Disability
