14,564 Access Management Engineer jobs in the United States

Based in the Raleigh, NC Corporate Office - Hybrid At Merz Therapeutics, we're building something meaningful-where innovation meets purpose, and where every team member plays a role in shaping the future of secure, scalable digital collaboration. As we continue to grow and evolve, we're looking for an Identity and Access Management Engineer who's ready to take ownership of our identity and access management strategy, while helping us strengthen the foundation of our Microsoft 365 environment. This is more than a technical role-it's an opportunity to lead with intention, drive continuous improvement, and help us stay ahead in a fast-moving digital landscape. If you're someone who thrives on structure, sees opportunity in complexity, and enjoys working across teams to make systems smarter and more secure, we'd love to meet you.What You'll Do:

• Responsible for day-to-day operations and long-term strategy of IAM and Microsoft 365 governance.
• Collaborate with IT, security, and business stakeholders to ensure compliance, efficiency, and alignment with a cloud-first vision.

Key Areas of Focus:

• Identity & Access Management:
  • Manage Conditional Access policies and Privileged Identity Management (PIM) in Entra ID to enforce secure, role-based access controls.
  • Lead access review campaigns to ensure user permissions are appropriate and compliant.
  • Oversee the lifecycle governance of user and group accounts to maintain accurate and secure access throughout employment changes.
  • Support identity provisioning and synchronization across systems to ensure consistent and timely user data updates.
  • Continuously improve IAM processes and maintain clear, up-to-date documentation.
  • Manage the guest user lifecycle to enable secure and compliant collaboration with external partners.
• Governance & Compliance:
  • Define and maintain governance policies for Microsoft 365 Groups to ensure consistent structure, ownership, and lifecycle management.
  • Oversee the configuration, compliance, and performance of Exchange Online, OneDrive, and SharePoint environments.
  • Align the organization's identity strategy with Microsoft 365 services to support secure, scalable, and integrated collaboration.
• Operational Oversight:
  • Conduct regular health checks and performance reviews to ensure the reliability and efficiency of identity and access systems.
  • Monitor service health dashboards and proactively report issues and trends to relevant stakeholders.
  • Own the application onboarding process in Entra ID, ensuring secure integration and proper configuration of new apps.
• Integration & Collaboration:
  • Collaborate with Okta and SailPoint experts to streamline and enhance identity processes across our Ecosystem.
• Strategic Initiatives:
  • Implement Microsoft E5 security and compliance features to enhance the organization's protection and visibility.
  • Support the rollout of Microsoft Copilot by ensuring identity readiness, access controls, and user enablement.
  • Advance the company's cloud-first identity strategy by aligning technologies, policies, and processes with modern cloud principles.

What You'll Bring:

• Experience managing IAM and Microsoft 365 in enterprise settings
• Strong knowledge of Entra ID, Conditional Access, PIM
• Familiarity with identity lifecycle, compliance, governance
• Experience with Okta, SailPoint, Microsoft security tools
• Collaborative mindset and proactive problem-solving
• Passion for continuous improvement

Why Join Us? At Merz Therapeutics, we believe in building a workplace where people feel supported, empowered, and inspired to grow. We're proud of our heritage, but we're even more excited about where we're headed. If you're looking for a role where you can make a real impact-on systems, on teams, and on the future-we'd love to hear from you.

Job Description

Job Description

Senior Identity & Access Management Engineer

Summary:

As an Identity and Access Management Technology Engineer, you will play a key role in shaping our security landscape. Your expertise will be crucial in orchestrating application deployments, establishing robust connector configurations, and designing tailored rules to enhance our IAM structure. Collaborating with cross-functional teams, you'll contribute to workflow design, third-party system integrations, and the development of API services for streamlined access policy management.
This role is for a Senior IAM Engineer specialized in SailPoint to lead the design, development, implementation, and administration of Identity and Access Management (IAM) solutions using SailPoint IdentityIQ and Identity Security Cloud. The ideal candidate will have extensive experience in identity lifecycle management, role-based access control (RBAC), integrations with enterprise applications, and security best practices.

Responsibilities:

• SailPoint application development, connector configuration, and custom rule development to optimize IAM processes.
• Customize workflows, rules, policies, and certifications to align with business requirements.
• Implement identity lifecycle management, access request, provisioning, role management, and certification processes.
• Enforce RBAC, attribute-based access control (ABAC), least-privilege access, and segregation of duties (SoD).
• Guide and participate in User Acceptance Testing (UAT) and contribute to defect resolution.
• Monitor application health, respond to provisioning inquiries, and configure roles, policies, and certifications for governance compliance.
• Drive application onboarding, analyze authorization models, and identify account/access metadata for provisioning.
• SailPoint implementation, SDLC, IAM, SailPoint IIQ/ISC best practices.
• Design and develop API services for streamlined access policies and external integrations.
• Create reusable rules, tasks, forms, and reports within SailPoint IdentityIQ/ISC.
• Perform SailPoint solution configuration, patching, and administration for optimal performance.
• Provide troubleshooting support during projects and post-production.
• Maintain up-to-date standard operating procedure documents.

Required Skills:

• 4 years as SME in SailPoint implementation, SDLC, IAM, SailPoint IIQ/ISC best practices
• 4 years of SailPoint Developer or Engineering role with demonstrated ability to onboard applications and develop API services.
• 4 years experience in Identity and Access Management, especially SailPoint solutions.
• 4 years as an expert in application deployment, connector configuration, and workflow development.
• 4 years of experience of custom rule development and third-party system integration.
• Proficient in User Acceptance Testing (UAT) and defect resolution.
• Record of leading code deployment and maintaining application health.
• Familiarity with provisioning, deprovisioning processes, roles, policies, and certifications.
• Proficiency in designing workflows, forms, rules, tasks, and reports within SailPoint IdentityIQ/ISC.

Powered by JazzHR

HQZoYpb57m

Responsibilities:
+ Strong MS Active Directory; MS Entra ID and AWS experience required
+ Strong communication and collaboration skills are required, with the ability to work independently and as part of a team.
+ Support and maintain Active Directory; Entra ID and DNS/DHCP/IPAM system-based processes.
+ Assist in defining and implementing AD; Entra ID and DNS/DHCP/IPAM support procedures.
+ Work on Operational Engineering Tasks - Tickets; Incidents; Change Requests; Vulnerabilities; Maintenance Tasks.
+ Provide technical input on IAM technologies, policies, and compliance requirements.
+ Participate in IAM-related projects using established methodologies and contribute to project deliverables.
+ Participate in Enterprise Disaster Recovery Exercises; and On-Call rotations with the IAM-IGA Team.
+ Recommend and implement technical improvements to enhance security and operational efficiency.
+ Collaborate with stakeholders to understand business requirements and translate them into technical solutions.
+ Develop and maintain system documentation, including flow charts, diagrams, and specifications.
+ Document current and future state processes and assist in planning transitions.
+ Support AD, Entra ID and DNS / DHCP / IPAM system-based processes:
+ Define and implement support procedures.
+ Manage business requirements and process documentations.
+ Write/review system specifications, output requirements, flowcharts and technical diagrams.
Required Technical skillsets:
+ Minimum 5 years working experience with Active Directory, Entra ID, AWS, and DNS / DHCP / IPAM.
+ Proven hands-on experience with IAM (Hybrid & Cloud environments), AWS and related tools/technologies.
+ Proven hands-on experience with networking solutions such as DNS / DHCP / IPAM.
+ Strong and proven scripting and automation skills using PowerShell, etc.
+ Enterprise level experience is required - Financial Services experience is preferred.
+ Additional skills - Event/log analysis and troubleshooting; System monitoring and event analysis.

**_This position follows our hybrid workstyle policy: Expected to be in a Raymond James office location a minimum of 10-12 days a month._**
**_Please note: This role is not eligible for Work Visa sponsorship, either currently or in the future._**
**Summary:**
Driving secure, seamless customer experiences through advanced identity orchestration, mobile-first authentication, and fraud-aware CIAM solutions.
**Experience:**
+ 6-10+ years of experience in Identity and Access Management, including 3+ years focused on CIAM platforms and technologies
+ Strong experience with Ping Identity, DaVinci, PingOne, or equivalent customer IAM journey orchestration tools.
+ Integration of behavioral biometrics and fraud risk signals from vendors such as ThreatMetrix, BioCatch, or Ping Risk.
+ Hands-on experience with mobile application authentication, including Passkeys, push MFA, biometric enrollment, and in-app PKI.
+ Understanding of OAuth2.0, OpenID Connect, SAML, and token lifecycle management at scale for B2C.
+ Experience integrating IAM with customer-facing portals, mobile apps, and API-based ecosystems.
+ Exposure to omnichannel verification workflows, including fallback for call-center flows and manual identity verification.
+ Familiarity with mobile SDK security, root/jailbreak detection, and secure key storage.
+ Knowledge of fraud detection and prevention practices: IP velocity checks, device fingerprinting, geolocation anomalies.
+ Ability to direct and guide developers in securely implementing front-end and back-end integrations with IAM systems.
+ Ability to direct and guide Application owners in securely integrating 3rd party applications with IAM systems.

**Responsibilities:**
+ Design, build, and enhance customer-facing identity journeys using tools like Ping DaVinci and API-first frameworks.
+ Work with fraud analysts and developers to integrate risk signals and decision engines into login and registration flows.
+ Serve as technical lead for mobile-first authentication projects, ensuring strong UX and high assurance.
+ Partner with mobile engineering teams to embed IAM SDKs and ensure secure mobile app posture.
+ Develop strategies for linkless authentication and secure session continuity for contact centers.
+ Provide subject matter expertise for identity proofing, registration, progressive profiling, and delegated access use cases.
+ Maintain documentation and guidance for customer IAM APIs, authentication methods, and security practices.
+ Lead or contribute to large-scale IAM transformation initiatives in support of business expansion or regulatory mandates.

**_This position follows our hybrid workstyle policy: Expected to be in a Raymond James office location a minimum of 10-12 days a month._**
**_Please note: This role is not eligible for Work Visa sponsorship, either currently or in the future._**
**Summary:**
Driving secure, seamless customer experiences through advanced identity orchestration, mobile-first authentication, and fraud-aware CIAM solutions.
**Experience:**
+ 6-10+ years of experience in Identity and Access Management, including 3+ years focused on CIAM platforms and technologies
+ Strong experience with Ping Identity, DaVinci, PingOne, or equivalent customer IAM journey orchestration tools.
+ Integration of behavioral biometrics and fraud risk signals from vendors such as ThreatMetrix, BioCatch, or Ping Risk.
+ Hands-on experience with mobile application authentication, including Passkeys, push MFA, biometric enrollment, and in-app PKI.
+ Understanding of OAuth2.0, OpenID Connect, SAML, and token lifecycle management at scale for B2C.
+ Experience integrating IAM with customer-facing portals, mobile apps, and API-based ecosystems.
+ Exposure to omnichannel verification workflows, including fallback for call-center flows and manual identity verification.
+ Familiarity with mobile SDK security, root/jailbreak detection, and secure key storage.
+ Knowledge of fraud detection and prevention practices: IP velocity checks, device fingerprinting, geolocation anomalies.
+ Ability to direct and guide developers in securely implementing front-end and back-end integrations with IAM systems.
+ Ability to direct and guide Application owners in securely integrating 3rd party applications with IAM systems.

**Responsibilities:**
+ Design, build, and enhance customer-facing identity journeys using tools like Ping DaVinci and API-first frameworks.
+ Work with fraud analysts and developers to integrate risk signals and decision engines into login and registration flows.
+ Serve as technical lead for mobile-first authentication projects, ensuring strong UX and high assurance.
+ Partner with mobile engineering teams to embed IAM SDKs and ensure secure mobile app posture.
+ Develop strategies for linkless authentication and secure session continuity for contact centers.
+ Provide subject matter expertise for identity proofing, registration, progressive profiling, and delegated access use cases.
+ Maintain documentation and guidance for customer IAM APIs, authentication methods, and security practices.
+ Lead or contribute to large-scale IAM transformation initiatives in support of business expansion or regulatory mandates.

**_This position follows our hybrid workstyle policy: Expected to be in a Raymond James office location a minimum of 10-12 days a month._**
**_Please note: This role is not eligible for Work Visa sponsorship, either currently or in the future._**
**Summary:**
Driving secure, seamless customer experiences through advanced identity orchestration, mobile-first authentication, and fraud-aware CIAM solutions.
**Experience:**
+ 6-10+ years of experience in Identity and Access Management, including 3+ years focused on CIAM platforms and technologies
+ Strong experience with Ping Identity, DaVinci, PingOne, or equivalent customer IAM journey orchestration tools.
+ Integration of behavioral biometrics and fraud risk signals from vendors such as ThreatMetrix, BioCatch, or Ping Risk.
+ Hands-on experience with mobile application authentication, including Passkeys, push MFA, biometric enrollment, and in-app PKI.
+ Understanding of OAuth2.0, OpenID Connect, SAML, and token lifecycle management at scale for B2C.
+ Experience integrating IAM with customer-facing portals, mobile apps, and API-based ecosystems.
+ Exposure to omnichannel verification workflows, including fallback for call-center flows and manual identity verification.
+ Familiarity with mobile SDK security, root/jailbreak detection, and secure key storage.
+ Knowledge of fraud detection and prevention practices: IP velocity checks, device fingerprinting, geolocation anomalies.
+ Ability to direct and guide developers in securely implementing front-end and back-end integrations with IAM systems.
+ Ability to direct and guide Application owners in securely integrating 3rd party applications with IAM systems.

**Responsibilities:**
+ Design, build, and enhance customer-facing identity journeys using tools like Ping DaVinci and API-first frameworks.
+ Work with fraud analysts and developers to integrate risk signals and decision engines into login and registration flows.
+ Serve as technical lead for mobile-first authentication projects, ensuring strong UX and high assurance.
+ Partner with mobile engineering teams to embed IAM SDKs and ensure secure mobile app posture.
+ Develop strategies for linkless authentication and secure session continuity for contact centers.
+ Provide subject matter expertise for identity proofing, registration, progressive profiling, and delegated access use cases.
+ Maintain documentation and guidance for customer IAM APIs, authentication methods, and security practices.
+ Lead or contribute to large-scale IAM transformation initiatives in support of business expansion or regulatory mandates.

**Job Family** **:**
Management Consulting
**Travel Required** **:**
Up to 10%
**Clearance Required** **:**
Ability to Obtain Secret
**What You Will Do** **:**
Our Cybersecurity Consultants are a team of business integrators with extensive consulting and industry experience who help our clients solve their complex business issues from strategy through execution. The Identity and Access Management Engineer - Managing Consultant will support the implementation of multiple cybersecurity systems including but not limited to: Public Key Infrastructure (PKI) systems, User Identity Data Warehouse, integration/interconnectivity with Logical & Physical Access Control systems (LACS & PACS), and server endpoints.
The Identity and Access Management Engineer will help guide our clients in improving processes, products, services, and software. The Identity and Access Management Engineer will be responsible for gathering requirements, designing, implementing, and testing of a Credential Management system. The Individual will assess application software releases and documentation to optimize upgrades, enhancements, and configurations to applications to enable the successful operations and maintenance of the Credential Management System and helping to ensure its configuration is compliant with agency and federal Cybersecurity standards.
The Individual will regularly interact with senior government officials, staff, and will be engaged in a diverse set of project-specific tasks related to the development and deployment of the Credential Management System. The Managing Consultant will liaise between business and technical teams to implement technical solutions. Other responsibilities of the Engineer include, but are not limited to, building, configuring and managing a COTS IAM credentialing product as well as providing security and infrastructure support for system releases. The engineer should also be willing to work a flexible schedule with the ability to provide off-hours/weekend support as needed.
**What You Will Need** **:**
+ Minimum of 5+ years of experience consulting to the US Federal government.
+ Clearance: U.S. citizenship and the ability to obtain and maintain a federal Public Trust clearance.
+ A bachelor's degree from an accredited institution.
+ Knowledge or experience supporting projects related to PIV and Derived PIV Credentialing and Logon Enablement, ICAM Architecture, Privileged Identity Management, Enterprise Identity Management, Zero Trust Architecture, Regulatory Compliance (e.g FISMA Metrics for Identity).
+ Experience supporting large implementation effort(s).
+ 5+ years of experience gathering requirements, designing, implementing, and testing of SQL databases with the US Federal Government.
+ 5+ years of full life-cycle application development experience including end-to-end application design, development, and delivery.
+ Experience designing, developing, testing, and implementing configurations and enhancements to applications, interfaces, and generating reports in accordance with system operations & maintenance plan and industry best practices.
+ Experience with diagnosing and resolving server issues, deploying system patches and security updates, and optimizing system uptime.
+ Ability to quickly learn commercial-off-the-shelf (COTS) products using existing training and documentation and experience supporting Tier 2 and 3 troubleshooting.
+ The successful candidate must not be subject to employment restrictions from a former employer (such as a non-compete) that would prevent the candidate from performing the job responsibilities as described
+ Due to nature of client engagements, US Citizenship restrictions may apply
+ No sponsorship available for this position
+ This position is open to candidates who reside within fifty (50) miles of the Arlington, VA, Guidehouse office; The successful candidate will be expected to work in-person in the Arlington, VA office.
+ Must have a flexible schedule with the ability to provide off-hours/weekend support as needed.
**What Would Be Nice To Have** **:**
+ Experience with serving Federal clients onsite and remote.
+ Knowledge of Personal Identity Verification (PIV) Cards, FIPS 201-3, NIST SP 800-63-3 and appendices, Public Key Infrastructure, Active Directory, and physical and logical access control principles and systems.
+ Provide guidance and documentation for IAM-related security policies, procedures, and guidelines.
+ Experience collaborating with clients and stakeholders to document business requirements and create both functional and technical specifications.
+ Experiencing modifying and enhancing COTS applications on systems to include conducting quality assurance on the UI/UX of software applications.
+ Experience building and/or supporting web applications utilizing SQL.
+ Experience with development technologies such as Java, JavaScript, Oracle, Python, PowerShell etc.
+ Experience interacting directly with Federal clients at all levels of leadership; polished and professional in client interactions.
+ Ability to effectively communicate with both technical and non-technical audiences.
+ Proactive self-starter comfortable working independently.
**What We Offer** **:**
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
+ Medical, Rx, Dental & Vision Insurance
+ Personal and Family Sick Time & Company Paid Holidays
+ Position may be eligible for a discretionary variable incentive bonus
+ Parental Leave and Adoption Assistance
+ 401(k) Retirement Plan
+ Basic Life & Supplemental Life
+ Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
+ Short-Term & Long-Term Disability
+ Student Loan PayDown
+ Tuition Reimbursement, Personal Development & Learning Opportunities
+ Skills Development & Certifications
+ Employee Referral Program
+ Corporate Sponsored Events & Community Outreach
+ Emergency Back-Up Childcare Program
+ Mobility Stipend
**About Guidehouse**
Guidehouse is an Equal Opportunity Employer-Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1- or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or . Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse. Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process.
If any person or organization demands money related to a job opportunity with Guidehouse, please report the matter to Guidehouse's Ethics Hotline. If you want to check the validity of correspondence you have received, please contact . Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicant's dealings with unauthorized third parties.
_Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee._

Requisition ID: R10173867

• Category: Information Technology

• Location: Colorado Springs, Colorado, United States of America | Huntsville, Alabama, United States of America

• Clearance Type: Secret

• Telecommute: No- Teleworking not available for this position

• Shift: Days (United States of America)

• Travel Required: Yes, 10% of the Time

• Positions Available: 1

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon.

Northrop Grumman Space Systems Launch and Missile Defense Systems has an exciting career opportunity for a Sr Principal Systems Administrator Identity & Access Management Engineer (24-376) to join our team of qualified, diverse individuals. This position will be in Colorado Springs, CO, or Huntsville, AL.

Position Overview:

The Command and Control, Battle Management, and Communications (C2BMC) program integrates the Missile Defense System. It is a vital operational system that enables the U.S. president, secretary of defense, and combatant commanders at strategic, regional, and operational levels to systematically plan ballistic missile defense operations.

The selected candidate will support the C2BMC DevSecOps team in designing, developing, testing, implementing, and integrating IAM systems. They will also manage user provisioning and access management processes, monitor and analyze access logs and security events, and implement and maintain technologies to ensure audit and privacy compliance.

Essential Functions:

• Participate in efforts to deploy new and optimize existing solutions, automate, create standards, and govern technologies including but not limited to PKI/MFA, Delinea, and Active Directory.

• Experience with role-based access controls and configuring automated provisioning and de-provisioning of RBAC.

• Implement security measures to protect against unauthorized access and ensure compliance with industry regulations and internal policies.

• Support ongoing Security Engineering and architecture efforts.

• Establish and maintain reliable backup and recovery processes for Active Directory.

• Work closely with other IT teams to integrate Active Directory services with other systems, applications, and infrastructure components.

• Create and maintain comprehensive documentation for Active Directory configurations, policies, and procedures.

• Develop PowerShell scripts for administrative and automation tasks.

• Responsible for working independently or collaboratively on large projects.

Basic Qualifications:

• An active Secret clearance is required to start.

• 9 years' experience with a bachelors degree in engineering, computer science, mathematics or a related field; 7 years' experience with a masters degree; or 13 years' experience in lieu of a degree.

• DoD 8140 certification at IAM Level III or higher is required to start.

• Technical experience in systems integration or software engineering of identity and access management (IAM) solutions.

• Advanced understanding of UNIX security as it relates to user access and provisioning.

• 3-5 years experience supporting Microsoft Active Directory & related technologies.

Preferred Qualifications:

• Experience with automation/configuration management using Ansible, GitLab, Nexus or other equivalent technology is a plus.

What We Can Offer You:

Northrop Grumman provides a comprehensive benefits package and a work environment that encourages your growth and supports the mutual success of our people and our company.

Additional Northrop Grumman Information:

Salary Range: $109,900 - $173,200

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer.

#J-18808-Ljbffr

Requisition ID: R10173867

• Category: Information Technology

• Location: Colorado Springs, Colorado, United States of America | Huntsville, Alabama, United States of America

• Clearance Type: Secret

• Telecommute: No - Teleworking not available for this position

• Shift: Days (United States of America)

• Travel Required: Yes, 10% of the Time

• Positions Available: 1

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

Northrop Grumman Space Systems Launch and Missile Defense Systems has an exciting career opportunity for a Sr Principal Systems Administrator Identity & Access Management Engineer (24-376) to join our team of qualified, diverse individuals. This position will be in Colorado Springs, CO, or Huntsville, AL.

Position Overview:

The Command and Control, Battle Management, and Communications (C2BMC) program integrates the Missile Defense System. It is a vital operational system that enables the U.S. president, secretary of defense, and combatant commanders at strategic, regional, and operational levels to systematically plan ballistic missile defense operations, to see the battle develop collectively, and to dynamically manage designated networked sensors and weapons systems to achieve global and regional mission objectives. C2BMC supports a layered missile defense capability that enables an optimized response to threats of all ranges in all phases of flight. C2BMC is the force multiplier that globally and regionally networks integrate, synchronizing autonomous sensor and weapon systems and operations to optimize performance. C2BMC is integral to all system ground and flight tests, which verify and exercise all current and future missile defense system capabilities.

The selected candidate will support the C2BMC DevSecOps team in designing, developing, testing, implementing, and integrating IAM systems. They will also manage user provisioning and access management processes, monitor and analyze access logs and security events, and implement and maintain technologies to ensure audit and privacy compliance. Manage certificate requests in a CA Service and assist with implementing a certificate management plan for the program. You will work with the architecture, engineering, operations, and support teams to create and maintain standards, deploy new solutions, and administer, automate, and support Microsoft Identity Manager and Privileged Account Vaulting solutions.

Essential Functions:

• Participate in efforts to deploy new and optimize existing solutions, automate, create standards, and govern technologies including but not limited to PKI/MFA, Delinea, and Active Directory.

• Experience with role-based access controls and configuring automated provisioning and de-provisioning of RBAC.

• Implement security measures to protect against unauthorized access and ensure compliance with industry regulations and internal policies.

• Support Security Engineering efforts and Cyber Roadmap development and maturation.

• Support ongoing Security Engineering and architecture efforts.

• Establish and maintain reliable backup and recovery processes for Active Directory, ensuring minimal downtime in the event of data loss or system failure.

• Work closely with other IT teams to integrate Active Directory services with other systems, applications, and infrastructure components.

• Create and maintain comprehensive documentation for Active Directory configurations, policies, and procedures.

• Develop PowerShell scripts for administrative and automation tasks.

• Responsible for working independently or solo on large projects; the position will also involve working in a collaborative team environment with other DevSecOps engineers and other program development and deployment teams.

Basic Qualifications:

• An active Secret clearance is required to start.

• 9 years' experience with a bachelors degree in engineering, computer science, mathematics or a related field; 7 years' experience with a masters degree in engineering, computer science, mathematics or a related field; or 13 years' experience in lieu of a degree.

• DoD 8140 certification at IAM Level III or higher (Security+, GSEC, SCNP, SSCP, CISSP, CISA, GSE, SCNA) is required to start.

• Technical experience in systems integration or software engineering of identity and access management (IAM) solutions:

• Delinea, Axway Desktop Validator, Active Directory, Java Applications, 802.1X .

• Advanced understanding of UNIX security as it relates to user access and provisioning.

• Extensive knowledge and experience with identity and access management technology, such as single sign-on (SSO ), two-factor authentication , privileged access management , etc.

• Experience with:

• Linux/Unix

• Windows System Administration

• Scripting (with programming languages such as Python, Bash, PowerShell, or Perl )

• SQL

• LDAP

• Web services.

• Experience with one or more programming languages such as:

• Java

• C#

• C/C++ Python

• JavaScript.

• 3-5 years experience supporting Microsoft Active Directory & related technologies.

• 3-5 years of experience with continuous integration environments in Network, Software, or platform infrastructure capability automation, development, and deployment.

Preferred Qualifications:

• Experience with automation/configuration management using Ansible, GitLab, Nexus , or other equivalent technology is a plus.

What We Can Offer You:

Northrop Grumman provides a comprehensive benefits package and a work environment that encourages your growth and supports the mutual success of our people and our company. Northrop Grumman benefits give you the flexibility and control to choose the benefits that make the most sense for you and your family. Your benefits will include the following:

• Health Plan

• Savings Plan

• Paid Time Off

• Education Assistance

• Training and Development

• Flexible Work Arrangements

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit. U.S. Citizenship is required for all positions with a government clearance and certain other restricted positions.

#J-18808-Ljbffr