Quick Overview
Work Type
Hybrid
Level
Mid Senior
Job Description
We are seeking a Azure ICAM Solutions Engineer to support a Identity, Credential, and Access Management (ICAM) modernization initiative for a federal customer. This role focuses on designing and delivering scalable identity solutions leveraging Microsoft Entra ID and Azure cloud services, translating ICAM requirements into secure, enterprise-ready architectures, and integrating identity capabilities across hybrid and multi-cloud environments.
Key Responsibilities
Azure-Based Solution Design & Integration
- Translate ICAM and mission requirements into Azure-native architectures and implementable solutions
- Design, architect, and deploy identity solutions leveraging Microsoft Entra ID (Azure AD), Azure Active Directory Domain Services, and Azure security services
- Integrate identity and access management capabilities across cloud, hybrid, and on-prem enterprise systems
- Design and implement integrations between Entra ID and enterprise applications, SaaS platforms, APIs, and external identity providers
- Develop secure, scalable identity architectures aligned with Azure Well-Architected Framework and Zero Trust principles
Modern ICAM Engineering (Entra ID Focus)
- Implement and manage Microsoft Entra ID services, including:
- Conditional Access
- Identity Protection
- Access Reviews
- Lifecycle Workflows
- Configure Single Sign-On (SSO) and federation using SAML, OAuth, and OpenID Connect, with Entra ID as the identity provider
- Design and implement B2E, B2B, and B2C identity scenarios using Entra External ID capabilities
- Support Privileged Identity Management (PIM) and Just-In-Time (JIT) access models
- Develop automation using PowerShell, Azure CLI, ARM/Bicep templates, and REST APIs to manage identity operations
Azure Platform & Security Integration
- Integrate identity solutions with broader Azure services including:
- Azure Key Vault
- Azure API Management
- Microsoft Defender for Cloud
- Azure Monitor and Log Analytics
- Implement identity-driven security controls across Azure workloads and applications
- Enable centralized logging, monitoring, and alerting using Azure-native tools and Splunk
Collaboration & Delivery
- Coordinate with developers, cloud engineers, architects, and cybersecurity teams to deliver cohesive Azure-based solutions
- Participate in Agile ceremonies, sprint planning, and technical design sessions
- Support system testing including integration, functional, and security validation
- Troubleshoot and resolve identity-related issues across development, staging, and production environments
Security & Compliance Alignment
- Ensure solutions align with federal security requirements, FedRAMP, and Zero Trust architecture
- Implement RBAC, ABAC, and policy-based access controls using Entra ID and Azure governance tools
- Support ATO efforts and ensure compliance with NIST 800-53, NIST SP 800-63, and FICAM frameworks
- Enforce least privilege access using Azure-native identity governance and access controls
Required Qualifications
- U.S. Citizenship required; ability to obtain a Public Trust clearance
- Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related field (or equivalent experience)
- 5+ years of experience in identity and access management, Azure cloud engineering, or cybersecurity
- Hands-on experience designing and implementing Microsoft Entra ID (Azure AD) solutions in enterprise environments
- Strong experience with Azure architecture and cloud-native identity services
- Deep understanding of authentication protocols (SAML, OAuth, OpenID Connect)
- Experience integrating identity solutions with Azure services, SaaS applications, and enterprise systems
- Experience with automation and scripting (PowerShell, Python, REST APIs, Azure CLI)
Preferred Qualifications
- Experience supporting Zero Trust or ICAM modernization initiatives in federal environments
- Hands-on experience with:
- Azure AD B2C / External ID
- Microsoft Entra Permissions Management
- Azure Policy and governance frameworks
- Familiarity with CyberArk or other PAM tools alongside Entra PIM
- Experience integrating with external identity providers (login.gov, ID.me, federation partners)
- Knowledge of DevSecOps and CI/CD pipelines in Azure (Azure DevOps, GitHub Actions)
- Azure certifications (e.g., AZ-104, AZ-305, SC-300, SC-100) strongly preferred
Skills
OAuth
SAML
SSO
Splunk
Active Directory
Agile
Azure
Compliance
GitHub Actions
PowerShell
Python
REST
Vault
Zero Trust
Similar jobs
Internal Advisor Consultant
TIAA · Charlotte, United States
2 minutes ago$54k - $70k/yrSenior Project Scheduler
Archon Resources · Midland, United States
15 minutes agoPrinter Apprentice
Interprint Inc · Pittsfield, United States
16 minutes ago$25 - $26/hrPLC Systems Technician
Arlon Graphics · San Antonio, United States
16 minutes agoEstimator Remodeling
The Norfolk Companies · Framingham, United States
16 minutes agoVendor Coordinator
Southern Scripts · Natchitoches, United States
16 minutes ago