Barbaricum is a rapidly growing government contractor providing leading-edge support to federal customers, with a particular focus on Defense and National Security mission sets. We leverage more than 17 years of support to stakeholders across the federal government, with established and growing capabilities across Intelligence, Analytics, Engineering, Mission Support, and Communications disciplines. Founded in 2008, our mission is to transform the way our customers approach constantly changing and complex problem sets by bringing to bear the latest in technology and the highest caliber of talent.
Headquartered in Washington, DC's historic Dupont Circle neighborhood, Barbaricum also has a corporate presence in Tampa, FL, Bedford, IN, and Dayton, OH, with team members across the United States and around the world. As a leader in our space, we partner with firms in the private sector, academic institutions, and industry associations with a goal of continually building our expertise and capabilities for the benefit of our employees and the customers we support. Through all of this, we have built a vibrant corporate culture diverse in expertise and perspectives with a focus on collaboration and innovation. Our teams are at the frontier of the Nation's most complex and rewarding challenges. Join our team.
ICAM Identity Engineer
We are seeking an ICAM Identity Engineer to provide hands-on technical expertise implementing, configuring, and maintaining enterprise Identity, Credential, and Access Management (ICAM) solutions. The ideal candidate will bring deep technical knowledge of identity security platforms and a commitment to enforcing least-privilege access within complex hybrid environments.
Responsibilities
The ICAM Identity Engineer will be directly responsible for the deployment, configuration, and sustainment of enterprise identity platforms and controls, including:
Identity Provider & Authentication Management
- Design and implement Microsoft Entra ID Conditional Access policies aligned with Zero Trust principles for Azure and AWS.
- Configure and maintain CAC/PKI-based Certificate Authentication and legacy ADFS environments.
- Manage Ping Federate as an enterprise federation gateway; onboard applications for SSO using SAML and OIDC; enforce phishing-resistant MFA.
Privileged Access Management (PAM)
- Onboard privileged user, service, and application accounts into Delinea.
- Implement policies for credential rotation, session recording, and privileged session monitoring.
- Develop and maintain Just-in-Time (JIT) and Just-Enough-Administration (JEA) workflows to reduce standing privileges.
Identity Governance & Administration (IGA)
- Configure SailPoint to automate Joiner-Mover-Leaver processes.
- Build and maintain enterprise access catalogs and automated approval workflows.
- Execute periodic access certification campaigns for critical roles and applications.
Enterprise Directory & Linux Identity Management
- Use One Identity Active Roles to implement delegated administration and automate AD lifecycle tasks.
- Configure Red Hat IdM policies for host-based access control and sudo privileges across Linux servers.
Required Qualifications:
- Active TS/SCI Clearance
- Demonstrated, hands-on expertise with at least one core ICAM platform (Microsoft Entra ID, enterprise PAM such as Delinea, or enterprise IGA such as SailPoint).
- Strong understanding of identity security principles: least privilege, MFA, JIT/JEA, RBAC/ABAC.
- Experience with Active Directory administration and Group Policy management.
- Ability to design, implement, and troubleshoot complex enterprise security policies.
- DoD 8140 compliance at IAT Level II.
Preferred:
- Microsoft Certified: Identity and Access Administrator (SC-300).
- Delinea Certified Administrator.
- SailPoint Certified IdentityNow Engineer.
- Ping Certified Professional.
- Experience with Red Hat IdM policy management.
EEO Commitment
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.
Top Skills
What We Do
Headquartered in Washington, D.C., Barbaricum is a Service-Disabled Veteran-Owned small business. At our core, you’ll find people who love to explore and innovate.
Our team has a uniquely complementary skill set. Together we’ve built a hands-on, all-inclusive contracting firm that develops innovative strategies & uses the best of emerging technologies to support our clients’ long-term goals. Our growth has been fueled by repeat business and long-term partnerships with key clients.
We are an ISO 9001: 2015-certified and CMMI Level 3-appraised company that supports a host of government clients with Integrated Communications, Mission Support, Research and Analysis, Cyber Security/Intelligence, and Technology-Enabled Services. Our mission is to transform U.S. Government approaches to problem sets of increasing complexity by delivering innovative solutions, especially in support of National Security missions.
Barbaricum is one of the fastest growing companies in our market. The company is routinely recognized by institutions like Inc. Magazine, GovCon, AMEC, PRSA, and SmartCEO for corporate growth, capabilities, and award-winning client work. Our team is dynamic and agile, providing global support to current missions across five continents. We are also focused on developing and maintaining our vibrant corporate culture, having most recently been named a Best Workplace for 2017 by Inc. Magazine.
