Sr ICAM System Engineer

Description SAIC is seeking a Sr ICAM System Engineer in Alexandria (Kingstowne), VA to support the Naval Information Warfare Center Atlantic. Job Duties

• Work with the Identity, Credential, and Access Management (ICAM) Team to assist with the designing of scalable, configurable, and resilient (highly available solutions for ICAM and related Systems and Services. These Systems and Services include Active Directory, Active Roles Server, Azure AD, ADFS, Exchange/Office365, User Account Creation, Mailbox move, AD Object auditing and management, etc.
• Perform complex ICAM systems development and design work that may include data modelling, cost projections, software architecture analysis, and technical design.
• Plans and directs upgrades and other changes to ICAM software and related systems
• Provide enterprise systems engineering guidance, systems security technical guidance, expert technical advice, technology assessments (research and proof-of-concepts), acquisition analysis (AoAs), and independent technical reviews.
• Participate in enterprise approval boards such as Technical Review and Change Control Boards
• Perform systems process and data modeling, simulation, and analysis
• Review completion and implementation of ICAM system changes and makes recommendations to the customer
• Develop documentation on new and/or existing systems
• Develop and direct tests to ensure systems meet documented user requirements
• Identify, analyze, and resolve system problems

• Bachelor's degree in information security & engineering field with 10 years equivalent work experience.
• DoD 8570 approved IAT Level III or IAM Level II certifications such as CISSP, CISA, CSEIP, or equivalent, or the ability to obtain appropriate certification within 90 days of hire.
• Active DOD Secret Security Clearance.
• Experience designing and deploying ICAM programs for large scale enterprise customers. Solid understanding of cyber landscape and typical threat vectors
• Extensive experience with Role Based Access Controls (RBAC), System Engineering Life Cycle (SELC) and/or System Development Life Cycle (SDLC) in applying to the development process.
• Background and knowledge of the common industry service offerings within ICAM technologies. Experience integrating cloud-based identity management across cloud and on-premises domains. Knowledge of directory services, including LDAP, Active Directory, Azure AD, AWS IAM, AWS Cognito, and Azure Domain Services.
• Be proficient with PowerShell to design and develop new scripts to improve administration, update existing scripts with new methods and/or efficiencies, and convert existing scripts in other languages (e.g., VB Script, C#) to PowerShell where necessary.
• Demonstrated expertise in implementing cross-domain Claims-Based authentication frameworks. Expertise on production, enterprise scales with authentication/authorization /identity management solutions such as Active Directory, VMware Identity Management, OAuth, OpenID, SAML, and Identity Federations.
• Experience with enterprise automation, DevOPS, and Continuous Integration pipelines.
• Familiarity with data analytics, cloud, virtualization, remote access, and mobile technologies. Experience with object-oriented programming in high-level scripting languages such as Python, PowerShell, JavaScript, Bash, etc. Database setup and integration, both relational and NoSQL (Oracle DB, MySQL, Mongo DB, AWS Dynamo DB).
• Recent work experience applying professional engineering practices for the full system engineering and/or DevOPS life cycle, including coding standards, code reviews, source control management, build processes, testing, documentation, and operations.
• Experience with agile development or DevOPS stacks, including: System Automation (Ansible/puppet/bladelogic) Source Control (Git/SVN/TFS).
• Thorough understanding of technical systems architecture
• Understanding of general security concepts and controls relevant to enterprise systems.
• Clear understanding of encryption concepts, tools, and protocols, such as certificate management, TLS implementations, ciphers and hashes, and others.
• Knowledge and experience with NIST Risk Management Framework.