Kentro · 22 hours ago
ICAM Identity Engineer (Senior)
Kentro is a company dedicated to innovation and collaboration, seeking an Identity (Cyber) Engineer. The role involves hands-on technical responsibilities for implementing and managing identity security solutions across the enterprise, focusing on deploying security policies and controls within various identity platforms.
Information Technology & Services
Responsibilities
Design, build, test, and deploy Microsoft Entra ID Conditional Access policies to enforce Zero Trust principles for access to cloud resources in Azure and AWS
Configure and maintain Certificate-Based Authentication (CBA) for CAC/PKI
Manage and troubleshoot the on-premises ADFS environment for legacy application support
Configure and manage the PingFederate platform as an enterprise federation gateway
Onboard new applications for Single Sign-On (SSO) using SAML and OIDC
Build and maintain authentication policies to enforce strong, phishing-resistant MFA
Perform the hands-on onboarding of all privileged user, service, and application accounts into the Delinea vault
Configure and enforce Delinea policies for credential rotation, session recording, and monitoring
Build and implement Just-in-Time (JIT) and Just-Enough-Administration (JEA) access request and approval workflows to eliminate standing privileges
Implement and configure the automation of the Joiner-Mover-Leaver (JML) identity lifecycle process, replacing manual, ticket-based systems
Build and maintain the enterprise access catalog in SailPoint to replace the manual IMT48 form with an automated, workflow-driven request and approval system
Configure and execute periodic access certification campaigns for critical applications and privileged roles
Use the Active Roles console to implement secure, delegated administration for Active Directory, creating policies to automate user/group lifecycle tasks
Centrally manage authorization policies for the Linux estate, defining Host-Based Access Control (HBAC) rules and sudo policies to control access to RHEL servers
Qualifications
Required
Deep technical expertise in Identity Providers (IdP), Privileged Access Management (PAM), and Identity Governance and Administration (IGA) solutions
Hands-on experience with Microsoft Entra ID Conditional Access policies
Experience configuring and maintaining Certificate-Based Authentication (CBA) for CAC/PKI
Ability to manage and troubleshoot the on-premises ADFS environment
Experience configuring and managing the PingFederate platform
Hands-on onboarding of privileged user, service, and application accounts into the Delinea vault
Experience configuring and enforcing Delinea policies for credential rotation, session recording, and monitoring
Ability to build and implement Just-in-Time (JIT) and Just-Enough-Administration (JEA) access request and approval workflows
Experience implementing and configuring the Joiner-Mover-Leaver (JML) identity lifecycle process in SailPoint
Ability to build and maintain the enterprise access catalog in SailPoint
Experience configuring and executing periodic access certification campaigns
Experience using the Active Roles console for Active Directory administration
Ability to manage authorization policies for Linux systems using Red Hat IdM
Company
Kentro
IT Concepts has transformed into Kentro - your center for innovation, excellence, and growth.
Funding
Current Stage
Late Stage
Company data provided by Crunchbase