Sr ICAM System Engineer
- Military veterans preferred
2021-06-22 SAIC (www.saic.com)
Alexandria Virginia 22315 United States
SAIC is seeking a Sr ICAM System Engineer in Alexandria (Kingstowne), VA to support the Naval Information Warfare Center Atlantic.
Work with the Identity, Credential, and Access Management (ICAM) Team to assist with the designing of scalable, configurable, and resilient (highly available solutions for ICAM and related Systems and Services. These Systems and Services include Active Directory, Active Roles Server, Azure AD, ADFS, Exchange/Office365, User Account Creation, Mailbox move, AD Object auditing and management, etc.
Perform complex ICAM systems development and design work that may include data modelling, cost projections, software architecture analysis, and technical design.
Plans and directs upgrades and other changes to ICAM software and related systems
Provide enterprise systems engineering guidance, systems security technical guidance, expert technical advice, technology assessments (research and proof-of-concepts), acquisition analysis (AoAs), and independent technical reviews.
Participate in enterprise approval boards such as Technical Review and Change Control Boards
Perform systems process and data modeling, simulation, and analysis
Review completion and implementation of ICAM system changes and makes recommendations to the customer
Develop documentation on new and/or existing systems
Develop and direct tests to ensure systems meet documented user requirements
Identify, analyze, and resolve system problems
Required Education and Experience
Bachelor’s degree in information security & engineering field with 10 years equivalent work experience.
DoD 8570 approved IAT Level III or IAM Level II certifications such as CISSP, CISA, CSEIP, or equivalent, or the ability to obtain appropriate certification within 90 days of hire.
Active DOD Secret Security Clearance.
Experience designing and deploying ICAM programs for large scale enterprise customers. Solid understanding of cyber landscape and typical threat vectors
Extensive experience with Role Based Access Controls (RBAC), System Engineering Life Cycle (SELC) and/or System Development Life Cycle (SDLC) in applying to the development process.
Background and knowledge of the common industry service offerings within ICAM technologies. Experience integrating cloud-based identity management across cloud and on-premises domains. Knowledge of directory services, including LDAP, Active Directory, Azure AD, AWS IAM, AWS Cognito, and Azure Domain Services.
Be proficient with PowerShell to design and develop new scripts to improve administration, update existing scripts with new methods and/or efficiencies, and convert existing scripts in other languages (e.g., VB Script, C#) to PowerShell where necessary.
Demonstrated expertise in implementing cross-domain Claims-Based authentication frameworks. Expertise on production, enterprise scales with authentication/authorization /identity management solutions such as Active Directory, VMware Identity Management, OAuth, OpenID, SAML, and Identity Federations.
Experience with enterprise automation, DevOPS, and Continuous Integration pipelines.
Recent work experience applying professional engineering practices for the full system engineering and/or DevOPS life cycle, including coding standards, code reviews, source control management, build processes, testing, documentation, and operations.
Experience with agile development or DevOPS stacks, including: System Automation (Ansible/puppet/bladelogic) Source Control (Git/SVN/TFS).
Thorough understanding of technical systems architecture
Understanding of general security concepts and controls relevant to enterprise systems.
Clear understanding of encryption concepts, tools, and protocols, such as certificate management, TLS implementations, ciphers and hashes, and others.
Knowledge and experience with NIST Risk Management Framework.