ICAM Architect
Phase2 Technology, Mc Lean, VA, United States
Job Number: R0238565
ICAM Architect
The Opportunity
You know that the user is the last frontier for cybersecurity. It's where the perimeter is drawn, and securing identities is pivotal in the fight against cybercriminals. As an Identity and Access Management (IAM) specialist, you have the skills and experience to keep hackers from taking data and breaking processes. We're looking for someone like you to help our clients meet their missions without disruption.
Responsibilities
As an ICAM Architect at Booz Allen, you'll play a critical role in the world of identity and access management and Zero Trust. In this role, you'll support large-scale IAM projects for our clients. You'll interface with stakeholders and engineering teams to delve into the details and dependencies of critical processes and users" roles within them. You'll analyze the identity lifecycle, articulating access requirements and defining enterprise identity records. You'll use your experience in IAM to design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing the enterprise's most valuable assets. From single sign-on to privileged access systems, you'll have the chance to implement enterprise‑class solutions and stop adversaries in their tracks. Due to the nature of work performed within this facility, U.S. citizenship is required.
Qualifications
Experience with Okta or Entra ID and certificate-based authentication
Experience with SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC)
Experience developing custom SAML, OAuth, and OIDC integrations and troubleshooting protocol exchanges
Experience with languages used for identity platform development and automation such as Java, JavaScript, Python, PowerShell, or Groovy
Experience working with RESTful APIs to integrate identity providers with external applications and automate identity lifecycle processes
Experience integrating and synchronizing with Active Directory (AD) or LDAP and AD Management
Knowledge of Zero Trust architectures and implementation of password‑less authentication or multifactor authentication (MFA) within the IdP environment
Ability to resolve complex identity and federation issues, including token validation errors, assertion mismatches, and connectivity problems
HS diploma or GED
Nice to Have
Experience with Okta Provisioning, Entra ID, Entra ID Connect, and Workday integrations
Experience with Identity Governance products such as Saviynt, Sailpoint, Omada, or Oracle IAM
Experience building or enhancing automated user lifecycle management using System for Cross-domain Identity Management protocols
Experience integrating identity provider code and configurations into DevOps and CI/CD pipelines for automated build and deployment workflows
Knowledge of advanced Okta development features such as Okta Workflows, Custom Authorization Servers, Inline Hooks, and Okta APIs for enhanced platform customization
Knowledge of compliance and regulatory standards such as NIST, FedRAMP, CMMC, or other frameworks relevant to identity management solutions
Knowledge of cloud identity platforms such as AWS Cognito, Azure AD B2C, KeyCLoak, or Google Cloud Identity
Possession of excellent verbal and written communication skills
Bachelor's degree in Computer Science, Cybersecurity, Information Technology
Compensation
Salary range: $86,800.00 to $198,000.00 (annualized USD).
Work Model
Remote: May still be required to work in person at a Booz Allen or customer facility.
Hybrid: Expected to work from a Booz Allen facility frequently; may also be required to work from or visit a customer facility.
Onsite: Work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role.
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.
#J-18808-Ljbffr
ICAM Architect
The Opportunity
You know that the user is the last frontier for cybersecurity. It's where the perimeter is drawn, and securing identities is pivotal in the fight against cybercriminals. As an Identity and Access Management (IAM) specialist, you have the skills and experience to keep hackers from taking data and breaking processes. We're looking for someone like you to help our clients meet their missions without disruption.
Responsibilities
As an ICAM Architect at Booz Allen, you'll play a critical role in the world of identity and access management and Zero Trust. In this role, you'll support large-scale IAM projects for our clients. You'll interface with stakeholders and engineering teams to delve into the details and dependencies of critical processes and users" roles within them. You'll analyze the identity lifecycle, articulating access requirements and defining enterprise identity records. You'll use your experience in IAM to design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing the enterprise's most valuable assets. From single sign-on to privileged access systems, you'll have the chance to implement enterprise‑class solutions and stop adversaries in their tracks. Due to the nature of work performed within this facility, U.S. citizenship is required.
Qualifications
Experience with Okta or Entra ID and certificate-based authentication
Experience with SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC)
Experience developing custom SAML, OAuth, and OIDC integrations and troubleshooting protocol exchanges
Experience with languages used for identity platform development and automation such as Java, JavaScript, Python, PowerShell, or Groovy
Experience working with RESTful APIs to integrate identity providers with external applications and automate identity lifecycle processes
Experience integrating and synchronizing with Active Directory (AD) or LDAP and AD Management
Knowledge of Zero Trust architectures and implementation of password‑less authentication or multifactor authentication (MFA) within the IdP environment
Ability to resolve complex identity and federation issues, including token validation errors, assertion mismatches, and connectivity problems
HS diploma or GED
Nice to Have
Experience with Okta Provisioning, Entra ID, Entra ID Connect, and Workday integrations
Experience with Identity Governance products such as Saviynt, Sailpoint, Omada, or Oracle IAM
Experience building or enhancing automated user lifecycle management using System for Cross-domain Identity Management protocols
Experience integrating identity provider code and configurations into DevOps and CI/CD pipelines for automated build and deployment workflows
Knowledge of advanced Okta development features such as Okta Workflows, Custom Authorization Servers, Inline Hooks, and Okta APIs for enhanced platform customization
Knowledge of compliance and regulatory standards such as NIST, FedRAMP, CMMC, or other frameworks relevant to identity management solutions
Knowledge of cloud identity platforms such as AWS Cognito, Azure AD B2C, KeyCLoak, or Google Cloud Identity
Possession of excellent verbal and written communication skills
Bachelor's degree in Computer Science, Cybersecurity, Information Technology
Compensation
Salary range: $86,800.00 to $198,000.00 (annualized USD).
Work Model
Remote: May still be required to work in person at a Booz Allen or customer facility.
Hybrid: Expected to work from a Booz Allen facility frequently; may also be required to work from or visit a customer facility.
Onsite: Work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role.
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.
#J-18808-Ljbffr