Journeyman ICAM Administrator
Maximus · United States · 2 wk ago
RemoteRemoteInformation Technology$50k/yrFull-time
Job Summary
This position is contingent upon contract award and position availability. Selected candidates will receive a contingent offer of employment, which will become final only upon successful contract award to Maximus, availability of the position, and receipt of authorization to proceed.
Qualifications
- Ability to obtain and maintain a Public Trust is required.
- An active Public Trust and/or DHS suitability is preferred.
- Must be a U.S. Citizen without dual citizenship.
- This is a remote position.
Job-Specific Essential Duties and Responsibilities
- Operate, maintain, and sustain enterprise directory, federation, and Single Sign-On (SSO) services in support of DHS IT and OT environments, including on-premises, cloud, and hybrid systems.
- Serve as a Tier-2 ICAM engineer, troubleshooting complex authentication, identity, and access issues, and implementing approved configuration changes across directory and SSO platforms.
- Manage PIV-based multi-factor authentication (MFA) and ensure compliance with HSPD-12 requirements for logical access.
- Enforce role-based access control (RBAC) and least-privilege principles, including privileged account lifecycle management, audits, and support for privileged user training.
- Maintain comprehensive ICAM audit trails, ensuring logging, monitoring, and evidence collection support DHS compliance, cybersecurity operations, and audit readiness.
- Produce ICAM compliance, lifecycle, and metrics reporting, including inactive account identification, service account tracking, and annual service account credential resets.
- Develop and maintain detailed ICAM documentation, workflows, and standard operating procedures to support operational transparency, resilience, and knowledge transfer.
Minimum Requirements
- Hands-on experience operating enterprise directory services and SSO/federation platforms.
- Experience supporting PIV-based MFA and HSPD-12 logical access compliance.
- Proven ability to manage privileged accounts, RBAC enforcement, and least-privilege controls.
- Experience maintaining ICAM audit logs, lifecycle reporting, and compliance artifacts.
- Experience supporting ICAM services across on-premises, cloud, and hybrid environments.
- Familiarity with integrating ICAM operations with cybersecurity, incident response, and audit functions.
- Bachelor’s degree in information systems, Computer Science, Cybersecurity, or a related field (or equivalent experience).
- 5+ years supporting enterprise identity, directory, or access management services.
Preferred Skills and Qualifications
- Experience supporting federal government environments.
- Familiarity with Zero Trust identity concepts and enterprise authentication modernization.
- Experience developing automated audit reporting and identity analytics dashboards.
- Strong documentation and stakeholder communication skills.
- Experience supporting ICAM-related user and privileged access training initiatives.