Job description

Azure Identity & Policy Engineer Job Category: Information Technology Time Type: Full time Minimum Clearance Required to Start: Secret Employee Type: Regular Percentage of Travel Required: None Type of Travel: None * * * The Opportunity: The Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program is seeking an Azure Identity & Policy Engineer to support the United States Coast Guard (USCG). This position will focus on designing, implementing, and managing identity, access, and governance policies in Microsoft Azure environments. The ideal candidate will have experience with Azure Active Directory (Azure AD), Conditional Access, Microsoft Entra, Privileged Identity Management (PIM), and policy enforcement to secure access and enable Zero Trust Architecture. This is a critical role that ensures identity integrity and policy compliance across cloud and hybrid USCG systems. Responsibilities: • Design and implement identity and access management (IAM) solutions using Azure AD, Entra ID, Conditional Access, and PIM. • Develop and maintain role-based access control (RBAC), group strategies, and just-in-time access workflows. • Support USCG Zero Trust initiatives by engineering Conditional Access policies that enforce least privilege and contextual authentication. • Manage Azure AD tenant configuration, including synchronization with on-premises AD and integration with third-party applications. • Establish and enforce policy compliance using Microsoft Entra ID Governance, Azure Policy, and Identity Protection. • Monitor identity risk signals and perform remediation using tools such as Microsoft Defender for Identity and Sentinel. • Develop custom scripts and automation workflows using PowerShell, Graph API, and Azure CLI for identity lifecycle management. • Document identity architecture, access control models, and procedures to support USCG Risk Management Framework (RMF) artifacts. • Collaborate with USCG security, networking, and application teams to enforce identity-centric security controls across environments. • Support audits, ATOs, and compliance reviews by providing evidence of identity controls and access enforcement. Qualifications: • 5+ years of experience in Azure identity and access engineering or enterprise IAM. • 3+ years of experience configuring Azure AD, Conditional Access, Entra ID, and PIM. • Strong understanding of Zero Trust Architecture and enforcement in cloud environments. • Experience implementing access governance and JIT access using Microsoft Entra or equivalent tools. • Familiarity with federal cybersecurity frameworks such as NIST 800-53, NIST 800-171, and FedRAMP. • Proficiency with PowerShell, Microsoft Graph API, or Azure CLI for identity automation. • Experience supporting system audits, control reviews, and RMF documentation in a federal setting. • Excellent written and verbal communication skills for technical documentation and stakeholder engagement. Desired: • Bachelor’s degree in Information Technology, Cybersecurity, or a related technical field. • Microsoft certifications such as SC-300, AZ-500, or SC-100. • Experience supporting USCG, DHS, or DoD identity programs. • Hands-on experience integrating third-party identity providers (e.g., Okta, Duo) with Azure AD. • Knowledge of Azure AD B2B/B2C configurations and federation (SAML, OAuth, OpenID Connect). • Familiarity with Azure Lighthouse, Cross-Tenant Access Settings, or Entra Permissions Management. - ________________________________________________________________________________________ What You Can Expect: A culture of integrity. At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation. An environment of trust. CACI values the unique contributions that every employee brings to our company and our customers - every day. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality. A focus on continuous growth. Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy. Your potential is limitless. So is ours. Learn more about CACI here. ________________________________________________________________________________________ Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here. Since this position can be worked in more than one location, the range shown is the national average for the position. The proposed salary range for this position is: $82,100-$172,400 CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic. SEE YOURSELF AT CACI... ...where you will have the opportunity to apply your innovative ideas to work that matters. You'll grow in an environment that values ethics and integrity. And you'll be at the core of some of our nation's most critical missions. Discover the meaningful work CACI does and how you can make an impact.

Requirements