Haystack
← Back to Jobs
Other

Azure ICAM Engineer

ZvolvantWashington, DC🇺🇸United StatesPosted 14 Jul 2026

Quick Overview

Work Type
Hybrid
Level
Mid Senior

Job Description

We are seeking a Azure ICAM Solutions Engineer to support a Identity, Credential, and Access Management (ICAM) modernization initiative for a federal customer. This role focuses on designing and delivering scalable identity solutions leveraging Microsoft Entra ID and Azure cloud services, translating ICAM requirements into secure, enterprise-ready architectures, and integrating identity capabilities across hybrid and multi-cloud environments.


Key Responsibilities

Azure-Based Solution Design & Integration

  • Translate ICAM and mission requirements into Azure-native architectures and implementable solutions
  • Design, architect, and deploy identity solutions leveraging Microsoft Entra ID (Azure AD), Azure Active Directory Domain Services, and Azure security services
  • Integrate identity and access management capabilities across cloud, hybrid, and on-prem enterprise systems
  • Design and implement integrations between Entra ID and enterprise applications, SaaS platforms, APIs, and external identity providers
  • Develop secure, scalable identity architectures aligned with Azure Well-Architected Framework and Zero Trust principles

Modern ICAM Engineering (Entra ID Focus)

  • Implement and manage Microsoft Entra ID services, including:
    • Conditional Access
    • Identity Protection
    • Access Reviews
    • Lifecycle Workflows
  • Configure Single Sign-On (SSO) and federation using SAML, OAuth, and OpenID Connect, with Entra ID as the identity provider
  • Design and implement B2E, B2B, and B2C identity scenarios using Entra External ID capabilities
  • Support Privileged Identity Management (PIM) and Just-In-Time (JIT) access models
  • Develop automation using PowerShell, Azure CLI, ARM/Bicep templates, and REST APIs to manage identity operations

Azure Platform & Security Integration

  • Integrate identity solutions with broader Azure services including:
    • Azure Key Vault
    • Azure API Management
    • Microsoft Defender for Cloud
    • Azure Monitor and Log Analytics
  • Implement identity-driven security controls across Azure workloads and applications
  • Enable centralized logging, monitoring, and alerting using Azure-native tools and Splunk

Collaboration & Delivery

  • Coordinate with developers, cloud engineers, architects, and cybersecurity teams to deliver cohesive Azure-based solutions
  • Participate in Agile ceremonies, sprint planning, and technical design sessions
  • Support system testing including integration, functional, and security validation
  • Troubleshoot and resolve identity-related issues across development, staging, and production environments

Security & Compliance Alignment

  • Ensure solutions align with federal security requirements, FedRAMP, and Zero Trust architecture
  • Implement RBAC, ABAC, and policy-based access controls using Entra ID and Azure governance tools
  • Support ATO efforts and ensure compliance with NIST 800-53, NIST SP 800-63, and FICAM frameworks
  • Enforce least privilege access using Azure-native identity governance and access controls

Required Qualifications

  • U.S. Citizenship required; ability to obtain a Public Trust clearance
  • Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related field (or equivalent experience)
  • 5+ years of experience in identity and access management, Azure cloud engineering, or cybersecurity
  • Hands-on experience designing and implementing Microsoft Entra ID (Azure AD) solutions in enterprise environments
  • Strong experience with Azure architecture and cloud-native identity services
  • Deep understanding of authentication protocols (SAML, OAuth, OpenID Connect)
  • Experience integrating identity solutions with Azure services, SaaS applications, and enterprise systems
  • Experience with automation and scripting (PowerShell, Python, REST APIs, Azure CLI)

Preferred Qualifications

  • Experience supporting Zero Trust or ICAM modernization initiatives in federal environments
  • Hands-on experience with:
    • Azure AD B2C / External ID
    • Microsoft Entra Permissions Management
    • Azure Policy and governance frameworks
  • Familiarity with CyberArk or other PAM tools alongside Entra PIM
  • Experience integrating with external identity providers (login.gov, ID.me, federation partners)
  • Knowledge of DevSecOps and CI/CD pipelines in Azure (Azure DevOps, GitHub Actions)
  • Azure certifications (e.g., AZ-104, AZ-305, SC-300, SC-100) strongly preferred

Skills

OAuth
SAML
SSO
Splunk
Active Directory
Agile
Azure
Compliance
GitHub Actions
PowerShell
Python
REST
Vault
Zero Trust

Similar jobs