Lead ICAM Active Directory Engineer

Location: Washington, DC (On-site)
Work Type: Full Time
Clearance: Public Trust

Job Description:
GridIron IT is looking for a Lead ICAM Active Directory Engineer local to Washington, DC. The ICAM Engineer Technical Lead will be responsible for leading and overseeing the technical direction of the Identity, Credential, and Access Management (ICAM) infrastructure, with a focus on Active Directory, Azure Active Directory, and Okta solutions. You will leverage your deep expertise to design and implement best practices for identity governance, authentication, and access management, ensuring the systems remain secure, efficient, and scalable. This role requires leadership skills, technical proficiency, and the ability to collaborate across teams to deliver high-quality, secure identity solutions. This work is located onsite in the DC area.

Key Responsibilities:
• Lead the design, implementation, and optimization of Active Directory (AD), Azure Active Directory (Azure AD), and Okta solutions for identity and access management (IAM).
• Develop and implement best practices for user provisioning, authentication, and role-based access control (RBAC) across on-prem and cloud environments.
• Design and configure Azure AD Connect and ensure seamless hybrid integration between on-prem AD and Azure AD environments.
• Implement and manage Single Sign-On (SSO), Multi-Factor Authentication (MFA), and other access control mechanisms across various platforms and applications.
• Develop workflows for automated user provisioning and de-provisioning using Okta and Azure AD.
• Maintain and improve role-based access control (RBAC) and ensure effective user access lifecycle management across the enterprise.
• Lead and manage the administration of Active Directory (both on-premises and hybrid models), including Group Policy Objects (GPOs), Trusts, DNS, and other AD services.
• Oversee the Azure AD administration and configuration, including Azure AD Connect, Azure AD B2C, Conditional Access, and Identity Protection.
• Ensure the performance, security, and availability of AD and Azure AD systems, including regular audits, patches, and updates.
• Lead the configuration, integration, and support of Okta for user authentication, identity lifecycle management, and SSO capabilities.
• Implement advanced features such as Adaptive MFA, Okta Lifecycle Management, and API Access Management.
• Provide technical leadership and guidance to the ICAM team and cross-functional teams, ensuring that solutions align with best practices, compliance, and security standards.
• Develop and execute security monitoring practices to track identity and access management logs, identify suspicious activity, and ensure proper incident response.
• Lead discussions and provide recommendations on access control and identity management solutions for cloud applications, SaaS platforms, and legacy systems.
• Create and maintain detailed documentation for ICAM architecture, configurations, policies, and procedures.

Qualifications:
• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent experience may also be considered.
• 5+ years of hands-on experience in Identity and Access Management (IAM), with at least 3 years of experience focusing on Active Directory, Azure AD, and Okta.
• Deep expertise in Active Directory administration, including Group Policy, AD Federation Services (ADFS), AD Trusts, and AD security best practices.
• Proficiency with Azure AD including configuration of Azure AD Connect, Conditional Access, Identity Protection, and Azure AD B2C.
• Experience with Okta Identity and Access Management, including integration, SSO, MFA, and lifecycle management.
• Strong understanding of IAM concepts such as SSO, MFA, RBAC, IAM policies, and access governance.
• Familiarity with IAM integration patterns and identity synchronization across on-premises and cloud environments.
• Knowledge of relevant security and compliance standards such as GDPR, HIPAA, and SOC 2.
• Familiarity with scripting and automation tools (e.g., PowerShell, Azure CLI, Okta APIs).
• Ability to troubleshoot complex ICAM issues and provide effective solutions in a timely manner.
• Strong communication and collaboration skills, capable of working with a diverse range of teams and stakeholders.

Desirable Skills:
• Experience with advanced identity federation technologies such as SAML, OAuth, and OpenID Connect.
• Knowledge of cloud platforms and their IAM services, particularly in AWS or Google Cloud.
• Experience with IAM tools for governance, like SailPoint or Saviynt.
• Familiarity with security incident response and auditing processes for IAM systems.
• Certifications such as Microsoft Certified: Azure Solutions Architect Expert, Certified Information Systems Security Professional (CISSP), or Okta Certified Administrator are highly desirable.

Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Compensation and Benefits:
Salary Range: $89,700.00 - $162,150.00 (Compensation is determined by various factors, including but not limited to location, work experience, skills, education, certifications, seniority, and business needs. This range may be modified in the future.)
Benefits: Gridiron offers a comprehensive benefits package including medical, dental, vision insurance, HSA, FSA, 401(k), disability & ADD insurance, life and pet insurance to eligible employees. Full-time and part-time employees working at least 30 hours per week on a regular basis are eligible to participate in Gridiron's benefits programs.

Gridiron IT Solutions is an Equal Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status. Gridiron IT is a Women Owned Small Business (WOSB) headquartered in the Washington, D.C. area that supports our clients' missions throughout the United States. Gridiron IT specializes in providing comprehensive IT services tailored to meet the needs of federal agencies. Our capabilities include IT Infrastructure & Cloud Services, Cyber Security, Software Integration & Development, Data Solution & AI, and Enterprise Applications. These capabilities are backed by Gridiron IT's experienced workforce and our commitment to ensuring we meet and exceed our clients' expectations.
Job Type
Full-time role
Skills required
Azure
Location
Washington, District of Columbia
Salary
$89,700 - $162,150
Date Posted
May 24, 2025
Gridiron IT is seeking a Lead ICAM Active Directory Engineer to oversee the technical direction of Identity, Credential, and Access Management (ICAM) infrastructure in Washington, DC. The role focuses on Active Directory, Azure Active Directory, and Okta solutions, requiring strong leadership and technical skills.