Identity, Credential, & Access Management (ICAM) Enterprise Architect


Are you an accomplished Identity, Credential, & Access Management (ICAM) Architect with real-world experience in applying ICAM solutions in a U.S. Government (USG) environment?

Are you looking to take that next step up in your career and become a key member of a team supporting a large Federal Government enterprise IT program?

Then we want to hear from you!

Hill Associates is searching for an experienced ICAM Enterprise Architect. We seek an energetic, talented professional who demonstrably understands ICAM as applied in the USG environment. Ideally, the candidate is able to succinctly explain to management recommended enterprise ICAM identity processes, practices, designs, solutions, and strategies.

In addition, we seek a candidate who understands the interdependencies and implications of security solutions across an infrastructure portfolio, such as Zero Trust Architecture (ZTA), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and how ICAM supports and enables these systems.

This position would require U.S. Citizenship. The candidate must have the ability to obtain and maintain a public trust suitability clearance. Remote-based work is currently supported due to COVID- 19. Physical work location is flexible with remote work options, including full-time remote, available to qualified candidates.


What You Will Get to Do:

  • Provide technical leadership analysis and support to the organization's Chief Services Engineer for a wide variety of ICAM efforts in relation to ongoing cybersecurity modernization initiatives.
  • Apply common ICAM frameworks in the USG environment for designing and governing complex systems, applications, and implementations.
  • Support the Agency's Enterprise Identity, Credential, and Access Management efforts by applying expertise in methodologies for the trust and verification of identity, credentials, and access to Agency information systems.
  • Leverage your expertise in identity to provide insights and recommendations for Zero Trust Architecture development, including management of identity and credentials, especially privileged credentials, and mature credential management tools and processes.
  • Support the Agency's efforts to improve Multi-Factor Authentication (MFA), including best options and policies for Agency solutions to ensure authentication access for authorized individuals. This includes the understanding of how Digital Identity Risk Assessment informs MFA planning.
  • Provide guidance and expertise on Privileged Access Management (PAM) tools and processes to improve the Agency's management of privileged credentials and cryptographic keys.
  • Provide guidance to formulate and define ICAM systems scope and objectives based on both user requirements and a thorough understanding of business and security requirements.
  • Gather requirements, estimate effort, and deploy and maintain ICAM solutions.
  • Tasks will require the application of expertise in ICAM security, analysis, systems engineering, and T&E (test and evaluation).
  • Develop and evaluate metrics to support recommendations.
  • The candidate will research emerging ICAM security solutions and provide analysis on their impact on system operation or ability to integrate within existing systems. The candidate will be able to evaluate solutions and propose demos/testing to characterize the performance.
  • Provide recommendations on ensuring systems are specified, designed, developed, implemented, integrated, and sustained to meet security needs, goals, and objectives.
  • Assist in ICAM security analysis and assessments to inform decision-making.
  • Assist in the development of ICAM security and cybersecurity strategy development, system testing and evaluation, and verification and validation efforts.
  • Analyze ICAM requirements, software, hardware, supply chain, and integration approaches using analysis tools to identify vulnerabilities and system architecture, design, and implementation flaws.
  • Verify ICAM systems and specifications met USG and Agency security policies and regulations.

Required Qualifications:

  • BS in Information Technology, Computer Science, or equivalent.
  • 8 - 10 years of related experience in IT security engineering.
  • Extensive experience with Federal Government network environments, dealing with business-critical, high availability systems.
  • Knowledge of common ICAM security products/technologies, as well as related IT software/hardware.
  • Recommend and implement system enhancements that improved ICAM system(s) performance, security, and reliability.
  • Actively manage project risks and issues to close technical gaps in the project. Advise management and team members of risks associated with technologies and implementation approaches and identify methods of risk mitigation. Conduct problem resolution and identify process improvements.
  • Excellent interpersonal and communications skills for interaction with customers, project leaders, team members, and other government agencies.
  • Ability to coordinate across teams and with representatives from a wide range of organizations including government, commercial, and international.
  • Solid communications skills, both written and verbal. Able to create, discuss and explain technical documentation.

Preferred Qualifications:

  • MS in related domain (IT, Cybersecurity) or 10 years of experience.
  • Experience with ICAM best practices for cloud platform environments, such as Amazon Web Services (AWS) and/or Microsoft Azure.
  • Experience with CyberArk and SailPoint.
  • Knowledge and understanding of the NIST Cybersecurity Framework.
  • Knowledge of the Zero Trust Architecture security paradigm.
  • Knowledge of Mobile Device ICAM, OAUTH 2.0, and SAML.
  • Experience with security processes and policies, Security Initiatives, Data Security policies and requirements, accreditation processes, workflow analysis, user attributes, and role-based permissions.
  • Experience in designing and implementing highly available solutions.
  • Experience translating secure identity assertions across controlled interfaces.
  • Experience delivering enterprise-level capabilities that drive new standards.
  • Documentation experience in engineering from requirements and architectural designs, and diagrams, potentially including strategy, architecture, policy, roadmaps, key processes, dependencies, interoperability, technology, and governance.
  • Proven ability to write technical reports, detailing analytical work, including assumptions, objectives, explanation of ICAM techniques/tools, sources of data, results, conclusions, and recommendations relating to the context of the analysis.

What We Can Offer You

Hill Associates is an affirmative action and equal opportunity employer. Employment decisions will be made without regard to race, color, religion, sex, age, national origin, military status, veteran status, handicap, physical or mental disability, sexual orientation, gender identity, genetic information, or other characteristics protected by law.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Hill Associates Recruiting Team at 202-656-6505 or via email at All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
Hill Associates offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.