CrawlJobs Logo
Barbaricum Logo Barbaricum · IT - Administration

ICAM Identity Engineer

United States, Tampa · Job Posted January 30, 2026
Apply Position
Job Link Share

Job Description

We are seeking an ICAM Identity Engineer to provide hands-on implementation and operational support for enterprise identity, credential, and access management platforms. The ICAM Identity Engineer is a hands-on technical specialist responsible for deploying, configuring, and maintaining identity platforms that enforce least-privilege access and Zero Trust principles. This role focuses on execution within Identity Providers (IdP), Privileged Access Management (PAM), and Identity Governance and Administration (IGA) solutions across cloud and on-prem environments.

Job Responsibility

  • Implement and maintain Microsoft Entra ID Conditional Access policies and CAC/PKI authentication
  • Manage federation and SSO integrations using Ping Federate (SAML, OIDC, MFA)
  • Onboard and manage privileged accounts within an enterprise PAM solution (e.g., Delinea)
  • Configure credential rotation, session monitoring, and Just-In-Time / Just-Enough-Administration workflows
  • Implement SailPoint IGA workflows for Joiner-Mover-Leaver lifecycle automation and access certification
  • Administer Active Directory using delegated administration tools (e.g., Active Roles)
  • Manage Linux identity and authorization policies using Red Hat IdM (HBAC, sudo)
  • Troubleshoot identity, authentication, and access control issues across enterprise environments

Requirements

  • Active DoD Top Secret clearance with SCI eligibility
  • DoD 8140 compliant (IAT Level II or higher)
  • Hands-on experience with at least one core identity platform: Microsoft Entra ID, Enterprise PAM (e.g., Delinea), Enterprise IGA (e.g., SailPoint)
  • Strong understanding of identity security principles (least privilege, MFA, RBAC/ABAC, JIT/JEA)
  • Experience administering Active Directory and enterprise identity policies
  • Ability to implement and troubleshoot complex access control and security configurations
  • Labor Category Alignment: Journeyman: 3–10 years of experience
  • BA/BS or MA/MS
  • Senior: 10+ years of experience
  • MA/MS
  • supports mission-critical efforts and may lead others
  • SME: Recognized ICAM expert providing strategic guidance and leadership on complex identity initiatives

Nice to have

  • Microsoft Certified: Identity and Access Administrator (SC-300)
  • Delinea Certified Administrator
  • SailPoint IdentityNow certification
  • Ping Federate certification
  • Experience with Red Hat IdM
Barbaricum - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

ICAM Identity Engineer

8 matching positions

ICAM Identity Engineer

We are seeking an ICAM Identity Engineer to provide hands-on technical expertise...
Location
Location
United States , Tampa
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active TS/SCI Clearance
  • Demonstrated, hands-on expertise with at least one core ICAM platform (Microsoft Entra ID, enterprise PAM such as Delinea, or enterprise IGA such as SailPoint)
  • Strong understanding of identity security principles: least privilege, MFA, JIT/JEA, RBAC/ABAC
  • Experience with Active Directory administration and Group Policy management
  • Ability to design, implement, and troubleshoot complex enterprise security policies
  • DoD 8140 compliance at IAT Level II
Job Responsibility
Job Responsibility
  • Design and implement Microsoft Entra ID Conditional Access policies aligned with Zero Trust principles for Azure and AWS
  • Configure and maintain CAC/PKI-based Certificate Authentication and legacy ADFS environments
  • Manage Ping Federate as an enterprise federation gateway
  • onboard applications for SSO using SAML and OIDC
  • enforce phishing-resistant MFA
  • Onboard privileged user, service, and application accounts into Delinea
  • Implement policies for credential rotation, session recording, and privileged session monitoring
  • Develop and maintain Just-in-Time (JIT) and Just-Enough-Administration (JEA) workflows to reduce standing privileges
  • Configure SailPoint to automate Joiner-Mover-Leaver processes
  • Build and maintain enterprise access catalogs and automated approval workflows
Read More
Arrow Right

ICAM Engineer

As an Identity and Access Management (IAM) Engineer at Booz Allen, you’ll play a...
Location
Location
United States , Fort Meade
Salary
Salary:
86900.00 - 198000.00 USD / Year
boozallen.com Logo
Booz Allen Hamilton
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of experience supporting ICAM, security operations, or identity governance programs
  • 3+ years of experience with the administration of directory services such as Active Directory or LDAP
  • 3+ years of experience with cybersecurity administration, including identity lifecycle management
  • Experience with MFA solutions such as Okta, Duo, or AuthO, and Privileged Access Management such as CyberArk or Delinea
  • Experience supporting IAM solutions in cloud environments such as Azure or AWS
  • Knowledge of PKI, PIV standards, and identity security best practices
  • Knowledge of identity-focused cybersecurity principles and controls
  • Ability to analyze technical documentation and incorporate industry best practices and security findings
  • Secret clearance
  • HS diploma or GED
Job Responsibility
Job Responsibility
  • Analyze the identity lifecycle, articulating access requirements and defining enterprise identity records
  • Design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing our clients’ most valuable assets
  • Implement enterprise-class solutions from single sign-on to privileged access systems
What we offer
What we offer
  • Health benefits
  • Life benefits
  • Disability benefits
  • Financial benefits
  • Retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Fulltime
Read More
Arrow Right

ICAM Engineer

Play a critical role in the world of IAM and zero trust. Support large-scale IAM...
Location
Location
United States , Fort Meade
Salary
Salary:
86900.00 - 198000.00 USD / Year
boozallen.com Logo
Booz Allen Hamilton
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of experience supporting ICAM, security operations, or identity governance programs
  • 3+ years of experience with administration of directory services such as Active Directory or LDAP
  • 3+ years of experience with cybersecurity administration, including identity lifecycle management
  • Experience with MFA solutions, such as Okta, Duo, or AuthO and Privileged Access Management such as CyberArk or Delinea
  • Experience supporting IAM solutions in cloud environments such as Azure or AWS
  • Knowledge of PKI and PIV standards and identity security best practices
  • Knowledge of identity-focused cybersecurity principles and controls
  • Ability to analyze technical documentation and incorporate industry best practices and security findings
  • Secret clearance
  • HS diploma or GED
Job Responsibility
Job Responsibility
  • Support large-scale IAM projects for government clients
  • Analyze the identity lifecycle, articulating access requirements, and defining enterprise identity records
  • Design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing clients’ most valuable assets
  • Implement enterprise-class solutions from single sign-on to privileged access systems
What we offer
What we offer
  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program
Read More
Arrow Right

ICAM Engineer

The user is the last frontier for cybersecurity. It’s where the perimeter is dra...
Location
Location
United States , Fort Meade
Salary
Salary:
86900.00 - 198000.00 USD / Year
boozallen.com Logo
Booz Allen Hamilton
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of experience supporting ICAM, security operations or identity governance programs
  • 3+ years of experience with administration of directory services such as Active Directory or LDAP
  • 3+ years of experience with cybersecurity administration, including identity lifecycle management
  • Experience with MFA solutions, such as Okta, Duo, or AuthO, and Privileged Access Management such as CyberArk or Delinea
  • Experience supporting IAM solutions in cloud environments such as Azure or AWS
  • Knowledge of PKI, PIV standards and identity security best practices
  • Knowledge of identity-focused cybersecurity principles and controls
  • Ability to analyze technical documentation and incorporate industry best practices and security findings
  • Secret clearance
  • HS diploma or GED
Job Responsibility
Job Responsibility
  • Support large-scale IAM projects for our government clients
  • Analyze the identity lifecycle, articulating access requirements and defining enterprise identity records
  • Design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing our clients’ most valuable assets
  • Implement enterprise-class solutions from single sign-on to privileged access systems
What we offer
What we offer
  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program
Read More
Arrow Right

ICAM Integration Engineer

This position offers the opportunity to be a hands-on technical leader within a ...
Location
Location
United States , Tampa
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience scripting with PowerShell and/or Python for automation and systems integration
  • Hands-on experience with Red Hat Ansible for configuration management
  • Strong understanding of identity federation protocols (SAML, OIDC, WS-Federation) and directory services (LDAP, Kerberos)
  • Proficiency with REST API integration for enterprise systems
  • Familiarity with both Windows Server and Red Hat Enterprise Linux (RHEL)
  • DoD 8140 IAT Level II certification
Job Responsibility
Job Responsibility
  • Develop, test, and maintain Ansible playbooks to automate deployment and configuration of ICAM infrastructure across Windows and Linux (RHEL) environments
  • Apply Infrastructure-as-Code (IaC) principles to ensure secure, consistent, and repeatable deployments
  • Configure and maintain Active Directory (AD) and Red Hat Identity Management (IdM) trusts to enable unified authentication
  • Implement and troubleshoot federation scenarios using Ping Federate, integrating with ADFS, SAML, OIDC, and mission partner environments
  • Manage data synchronization and virtualization layers to deliver a unified Master User Record (MUR)
  • Build and maintain API-driven integrations across SailPoint (IGA), Delinea (PAM), and One Identity Active Roles (ARS)
  • Script workflows to connect SailPoint access requests with Delinea for Just-in-Time (JIT) privileged access
  • Configure SailPoint connectors for account provisioning and de-provisioning in AD, Microsoft Entra ID, and other systems
  • Integrate ICAM components with the enterprise SIEM, ensuring logs are properly formatted and ingested for security monitoring
Read More
Arrow Right

Mid-Level SailPoint Developer

Assurit is currently seeking an experienced Mid-Level SailPoint Developer (ICAM ...
Location
Location
United States , Arlington
Salary
Salary:
Not provided
assurit.com Logo
Assurit
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 5 years of relevant experience in IT, cybersecurity, or identity and access management
  • Active DoD Secret Clearance
  • Hands-on experience with SailPoint IdentityIQ (IIQ) implementations as a developer with proficiency in Java
  • Minimum 3 years of hands-on SailPoint IdentityIQ (IIQ) development experience
  • Ability to develop custom connectors, rules, and workflows using Java
  • Experience writing and debugging BeanShell scripts for customization within IdentityIQ
  • Ability to work with XML for configuration, policy definitions, and data exchange
  • Experience integrating IdentityIQ with external systems using RESTful and SOAP web services
  • Familiarity with SailPoint APIs for extending and integrating IdentityIQ functionality
  • Knowledge of access certifications, role management, provisioning, and governance features in IdentityIQ
Job Responsibility
Job Responsibility
  • Support end-to-end onboarding of enterprise applications into SailPoint IdentityIQ (IIQ)
  • Configure and maintain SailPoint connectors and integrations with Active Directory, LDAP, cloud applications, and enterprise systems
  • Support development and customization of SailPoint workflows, lifecycle events, provisioning rules, and approval processes
  • Develop and troubleshoot Java and BeanShell-based SailPoint rules and customizations
  • Troubleshoot provisioning failures, aggregation issues, schema discovery problems, entitlement mapping discrepancies, and connector synchronization issues
  • Support identity lifecycle management processes including Joiner, Mover, and Leaver (JML) events
  • Perform entitlement analysis, access mapping, and attribute validation to support accurate identity governance
  • Support REST/SOAP integrations between SailPoint and downstream enterprise systems
  • Participate in testing, deployment, and operational support activities for SailPoint onboarding initiatives
  • Review logs and debug SailPoint provisioning and aggregation processes
What we offer
What we offer
  • medical and dental coverage
  • paid time off
  • Fulltime
Read More
Arrow Right

Zero Trust IGA Engineer

We are seeking an IGA Engineer to support USSOCOM’s Zero Trust execution efforts...
Location
Location
United States , Tampa
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Top Secret clearance with SCI eligibility
  • DoD 8570 / 8140 compliant (Security+ CE or higher – IAT Level II)
  • 5+ years of hands-on experience implementing and administering SailPoint (IdentityNow or IdentityIQ) in an enterprise environment
  • Strong understanding of identity lifecycle management (Joiner-Mover-Leaver automation)
  • Experience integrating SailPoint with Active Directory, LDAP, and Microsoft Entra ID
  • Experience implementing access governance concepts, including RBAC, separation of duties (SoD), and access certification
  • Ability to operate independently in complex, mission-critical environments
  • Labor Category Alignment: Journeyman: 3–10 years of experience
  • BA/BS or MA/MS
  • Senior: 10+ years of experience
Job Responsibility
Job Responsibility
  • Design, deploy, and maintain SailPoint IdentityNow or IdentityIQ to automate Joiner-Mover-Leaver (JML) identity lifecycle processes
  • Define and manage identity attributes (e.g., clearance, role, COI, project codes) used to support attribute-based access control (ABAC) models
  • Configure and execute automated access certification campaigns for privileged roles and critical systems
  • Develop and maintain SailPoint role models, including technical and business roles, to replace static group-based access
  • Support identity governance operations across disconnected and air-gapped environments, including Top Secret networks
  • Ensure identity data integrity and synchronization between low-side and high-side environments
  • Collaborate with ICAM, Zero Trust, and integration teams to ensure identity attributes are consumed correctly by downstream enforcement tools
  • Support audit and compliance requirements related to access governance and identity lifecycle management
Read More
Arrow Right

System Information Assurance and Security Engineer

Barbaricum is seeking a highly skilled System Information Assurance and Security...
Location
Location
United States , Tampa
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD TS/SCI Clearance
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (Master’s preferred)
  • 5+ years of experience in enterprise identity and access management architecture
  • Demonstrated expertise with Zero Trust frameworks and DoD ICAM standards
  • Hands-on experience with SAML, OAuth2.0, OpenID Connect, PKI, and certificate management
  • Experience with DoD enterprise solutions such as Radiant Logic, Okta, Ping Identity, SailPoint, ForgeRock, Microsoft Entra ID (Azure AD), or equivalent
  • Deep knowledge of Privileged Access Management and Identity Governance & Administration solutions
  • Strong understanding of DoD cybersecurity compliance frameworks (RMF, NIST SP 800-53, 800-207, 8140/8570)
  • IAM / DoD Certification IAT Level II (e.g., Security+ CE, SSCP, GSEC)
Job Responsibility
Job Responsibility
  • Execute engineering solutions for identity credential and access management for Zero Trust implementation across enterprise systems
  • Design and maintain an enterprise-wide identity and access management strategy aligned with DoD Zero Trust principles, NIST 800-207, and DoD ICAM Reference Design
  • Lead integration of federated identity, single sign-on (SSO), and multi-factor authentication (MFA) across cloud and on-prem environments
  • Develop and maintain policies, standards, and reference architectures to enforce least-privilege and attribute-based access control (ABAC)
  • Conduct the implementation of Privileged Access Management (PAM) and Identity Governance and Administration (IGA) solutions
  • Collaborate with cybersecurity, network, and cloud teams to align ICAM solutions with Zero Trust pillars (identity, device, network, application, and data)
  • Ensure compliance with DoD 8140/8570, RMF, FedRAMP, and other applicable frameworks
  • Lead proof-of-concepts (POCs) and technology evaluations for emerging identity
Read More
Arrow Right