Find your next cybersecurity opportunity


Identity and Access Management (ICAM) Engineer



United States · Remote
Posted on Tuesday, June 18, 2024

Looking for an opportunity to make an impact?

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainable. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business.

If this sounds like a mission you want to be a part of, keep reading!

The Health and Civil Sector uses a wide range of capabilities in Digital Modernization, Mission Software Systems, and enabling technologies like Artificial Intelligence and Machine Learning to support our customers’ mission in advancing biomedical research and protecting public health. Our team’s focus is ensuring our health customers have the right solutions to keep pace with an ever-evolving public health landscape and prevent the next public health crisis. To explore and learn more, click here!

Your greatest work is ahead!

Job Description

Leidos’ Civilian Health Solutions Operation is seeking a dynamic, mission-centric hands-on Identity and Access Management (ICAM) Engineer to support a federal agency’s large, mission-critical Enterprise Security.

Candidate local to the DC metropolitan area is preferred.

Candidate MUST be US Citizen or US Person with the ability to obtain a Public Trust Clearance.

Candidate MUST be located in the United States currently and for the current three consecutive years

The ICAM Lead shall support the planning and execution of ICAM Governance and program activities. The candidate must possess strong communications skills and the demonstrated ability to convey technical concepts to non-technical audiences.

Primary Responsibilities

  • Develop and implement comprehensive cybersecurity programs to protect customer data and systems; support the lifecycle management of digital identities.
  • Provide ongoing technical expertise for the agency’s identity credential and access management mechanisms that identify, authenticate, and authorize individuals and technical services to enable appropriate access to resources in a standardized and interoperable manner.
  • Provide solutions and support for lifecycle management of non-PIV multifactor credentials such as Microsoft Entra ID (formerly Azure AD) multifactor authentication (MFA) capabilities.
  • Implement and maintain Azure well-architected security principles, ensuring robust security posture, including managing role-based access control (RBAC) to enforce least privilege access and safeguard resources.
  • Integrate and manage Entra ID and/or Okta with various SaaS products to streamline authentication and authorization processes, ensuring seamless user access and enhanced security.
  • Provide solutions and support for role-based and attribute-based lifecycle management to control access permissions.
  • Assist with Azure Privileged Identity Management (PIM) to enhance the security of administrative roles by providing just-in-time (JIT) access to privileged resources.
  • Monitor and audit privileged access activities through Azure PIM to ensure compliance with organizational security policies and regulatory requirements.
  • Configure and maintain Azure PIM policies, including approval workflows, role assignments, and access reviews, to ensure appropriate control over privileged accounts.
  • Assist with customer status reporting, metric reporting, and ICAM Governance.
  • Develop security and other SOP documentation.
  • Ensure proper measures are taken when a cybersecurity incident or vulnerability is discovered.
  • Coordinate cybersecurity compliance inspections, tests, and reviews.
  • Support the development and implementation of an effective cybersecurity education, training,

Required Qualifications:

  • Active Public Trust Clearance or ability to obtain a Public Trust Clearance.
  • Bachelor’s degree in computer science, Information Systems, Engineering, or other related disciplines and 8-10 years of experience, including Identity Credential and Access Management (ICAM) experience.
  • Extensive experience supporting Microsoft Entra ID (formerly Azure AD) Multifactor Authentication (MFA) and implementing Azure well-architected security principles.
  • Proficiency in role-based access control (RBAC) within Microsoft Entra ID to ensure secure and efficient access management.
  • Experience integrating and managing Entra ID and Okta with SaaS products for streamlined and secure access.
  • Experience supporting Federation services, with Entra ID and Okta.
  • Working knowledge of PIV Card and Digital Identity Standards (HSPD-12, FIPS 201, 800-63, 800-73).
  • Ability to potentially interact with senior staff in the agency and scientific community.
  • Ability to work/collaborate with different contractor and government teams, as well as industry and vendors, with a high level of professionalism, good judgment, and tact.
  • Ability to work well under pressure and be flexible at juggling competing priorities. Must be resourceful and independent problem solvers.
  • ITIL Foundations or equivalent experience.


Original Posting Date:


While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $101,400.00 - $183,300.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.