The Role
The ICAM SME provides expert knowledge on ICAM standards, advises on strategy and compliance, evaluates ICAM products, and oversees integration across services.
Summary Generated by Built In
cFocus Software seeks an ICAM SME to join our program supporting the United States Citizenship and Immigration Services (USCIS). This position is 100% remote. This position requires a Public Trust clearance.
Qualifications:
Qualifications:
- 5+ years of ICAM experience
- The ICAM Subject Matter Expert must have in-depth knowledge of federal ICAM standards and the Federal ICAM Roadmap and Implementation Guidance.
- The ICAM SME will need knowledge of the capabilities, strengths, and weaknesses of current commercial and open-source ICAM products.
- Experience with AWS, Azure, GCP identity services, PKI, certificate lifecycle management, identity governance, privileged access architectures, AD/LDAP, OAuth2, OIDC, SAML, DevSecOps.
- SME must be certified in one of the following recognized identity, access, and security certifications: Certified Identity and Access Manager (CIAM), Certified Information Systems Security Professional (CISSP), GIAC Defensible Identity and Access Management (GDA), Certified Access Management Specialist (CAMS), Comp TIA+ Security, or FICAM related training
- Provide in-depth expertise on federal ICAM standards and the Federal ICAM Roadmap and Implementation Guidance.
- Advise government leadership on ICAM strategy, policy, implementation, best practices, and technology enhancements.
- Evaluate commercial and open-source ICAM products to recommend solutions that meet agency requirements.
- Support program governance, compliance, and integration across ICAM service areas (SSO, PAM, PKI, ePACS, OAuth/OIDC).
- Support development and operational sustainment of PIV-based authentication services and SSO integration.
- Implement ABAC and RBAC models for enterprise access control.
- Assist in deploying scalable authentication and authorization microservices.
- Provide guidance on CyberArk-based PAM solutions, credential vaulting, rotation, privileged session management, and multi-cloud privileged access governance.
- Support privileged access monitoring, auditing, and compliance with federal security standards.
- Lead technical PKI efforts including device certificate lifecycle management, Person-Centric PKI, and NPE PKI.
- Ensure compliance with DHS PKI Interface Specifications and COPG guidelines.
- Support Active Directory architecture, tiering, permissions, and cybersecurity best practices.
- Oversee account provisioning, de-provisioning, and identity lifecycle automation.
- Recommend and design new technology solutions aligned with ICAM modernization initiatives, cloud migrations, Zero Trust, and enterprise architecture.
- Support DevSecOps teams to implement secure ICAM features and integrations.
- Provide Tier 2+ SME support during system outages, degradation, and critical incidents involving SSO, PKI, PAM, AD, OAuth/OIDC, and physical access systems.
- Assist Duty Officers with severity determination, triage, root-cause analysis, and mitigation.
- Develop SOPs, training materials, system documentation, and technical guidance.
- Ensure compliance with DHS 4300A, OMB directives, Section 508, and audit requirements.
Top Skills
Ad/Ldap
AWS
Azure
Devsecops
GCP
Oauth2
Oidc
Pki
SAML
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Established in 2006, cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint.
cFocus Software is the exclusive vendor of ATO (Authority To Operate) as a Service™, which automates FedRAMP compliance for the Azure Government Cloud and Office 365.
Contact Us for a demo of ATO as a Service™ or a FREE government chatbot proof of concept project today!
