neteffects
Role Summary
We are seeking an experienced AD/ICAM Systems Administrator III to support identity and access management operations for a U.S. Department of Justice program. This role is fully on-site in Washington, DC (5 days/week) and focuses on administering, integrating, and securing enterprise identity platforms including Active Directory, Azure AD, and Okta. The position works independently on day-to-day objectives and owns technical processes within the IAM domain, with a direct impact on operational outcomes.
Key Responsibilities
Administer and manage on-premises Active Directory environments, ensuring security, high availability, and proper configuration.
Oversee Group Policy Objects (GPOs), Trusts, DNS, AD Sites and Services, and AD replication.
Perform user provisioning and de-provisioning, applying Active Directory security best practices (least privilege, permissions, password policies).
Implement and manage Active Directory Federation Services (ADFS) for authentication and federation with cloud and external resources.
Manage Azure Active Directory (Azure AD) for cloud-based identity management.
Integrate on-premises AD with Azure AD using Azure AD Connect, including synchronization, troubleshooting, and identity lifecycle management.
Administer Azure AD Conditional Access policies to ensure secure and compliant access.
Implement and configure Azure AD B2C for external-facing application authentication.
Oversee administration and integration of Okta for identity management, including SSO, MFA, Universal Directory, Lifecycle Management, and API Access Management.
Ensure seamless integration of Okta with internal and third‑party applications (e.g., Office 365, Salesforce, Google Workspace).
Monitor health, performance, and security of AD, Azure AD, and Okta environments and proactively resolve issues.
Develop and maintain PowerShell scripts to automate IAM‑related tasks.
Create and maintain technical documentation for identity systems and processes.
Collaborate with security, network, and application teams to resolve IAM challenges.
Communicate technical issues and solutions clearly to both technical and non‑technical stakeholders.
Required Technical Skills
Hands‑on administration of Active Directory, including GPOs, ADFS, trusts, DNS, and AD sites/replication.
Strong experience with Azure Active Directory, including:
Azure AD Connect
Conditional Access
Azure AD B2C
Expertise with Okta, including:
Single Sign-On (SSO)
Multi‑Factor Authentication (MFA)
Universal Directory
Lifecycle Management
API Access Management
Proficiency in PowerShell for automation and system management.
Working knowledge of IAM protocols: SAML, OAuth, OpenID Connect, LDAP.
Strong understanding of identity security best practices, including MFA and RBAC.
Ability to troubleshoot complex authentication, access, and security issues.
Preferred / Nice‑to‑Have Skills
IAM or security certifications, such as:
Microsoft Certified: Azure Solutions Architect
Okta Certified Administrator
Experience with Identity Governance tools such as SailPoint or Saviynt.
Familiarity with cloud platforms and IAM services in AWS or Google Cloud.
Exposure to DevOps practices and integrating IAM into CI/CD pipelines.
Qualifications & Experience
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related field (or equivalent work experience).
5+ years of hands‑on experience in Identity and Access Management (IAM).
Strong verbal and written communication skills.
Ability to work independently and collaborate across technical teams.
U.S. Citizenship required.
Public Trust clearance required (candidates with an active DOJ Public Trust preferred; processing may take up to 16 weeks if not currently held).
Willingness to complete personal disclosure and soft credit check.
Willing to work on‑site in Washington, DC, five days per week.
About the Team / Company
This role supports a DOJ Antitrust Division program under Leidos, within the Digital Modernization business unit. The position is a contingent role with the potential for direct hire.