ICAM Integration Engineer

Athenix Special Missions, LLC MacDill Air Force Base, Florida, United States

About this position

  

Athenix Special Missions is seeking an ICAM Integration Engineer in MacDill Air Force Base (Tampa), Florida!

  

ASM Quality Policy: To meet or exceed our customers’ expectations for quality, delivery, and service through continual improvement, striving to meet our objectives, and committing to meeting all legal and statutory requirements  


Position Summary 
The Identity, Credential, and Access Management (ICAM) Integration Engineer is a hands-on technical expert responsible for designing, implementing, and maintaining the connections between the components of a complex, multi-vendor Identity, Credential, and Access Management (ICAM) ecosystem. This role is critical for ensuring that disparate systems—including identity providers, governance platforms, and privileged access management tools—function as a cohesive and secure whole. The ideal candidate is a skilled problem-solver with deep expertise in identity protocols, APIs, and automation who can script and configure the intricate data flows that form the backbone of a Zero Trust architecture


Duties & Responsibilities (Hands-on Implementation)


Automated Deployment:

  • Develop, test, and maintain Red Hat Ansible playbooks to automate the deployment and configuration of ICAM infrastructure across both Windows and Linux (RHEL) environments.
  • Utilize Infrastructure-as-Code (IaC) principles to ensure consistent, repeatable, and hardened deployments of all ICAM components.


Federation and Directory Integration:

  • Configure and maintain the cross-forest trust between the on-premises Active Directory (AD) and the Red Hat Identity Management (IdM) domain to enable unified authentication for the Linux estate.
  • Implement and troubleshoot complex federation scenarios using Ping Federate, including integrating with legacy ADFS and connecting to mission partner environments using SAML and OIDC.
  • Configure and manage the data synchronization and virtualization layer, ensuring a consistent Master User Record (MUR) is available to all connected systems.


Platform and API Integration:

  • Develop and maintain API-driven integrations between SailPoint (IGA), Delinea (PAM), and One Identity Active Roles (ARS).
  • Script the workflows that connect SailPoint access requests to Delinea for Just-in-Time (JIT) privileged access elevation.
  • Configure SailPoint connectors to provision and de-provision accounts and entitlements in Active Directory, Microsoft Entra ID, and other target systems.
  • Integrate all ICAM components with the enterprise SIEM, ensuring logs are properly formatted and forwarded for security analysis.




Requirements

  

Qualifications and Technical Skills:
  • Required:
    • Demonstrated experience scripting with PowerShell and/or Python for systems integration and automation.
    • Hands-on experience with Red Hat Ansible for automated configuration management.
    • Strong understanding of identity federation protocols (SAML, OIDC, WS-Federation) and directory services (LDAP, Kerberos).
    • Experience with REST API integration for enterprise software.
    • Familiarity with both Windows Server and Red Hat Enterprise Linux (RHEL) operating systems.
    • DoD 8140 Compliance (IAT Level II)
  • Preferred:
    • Experience integrating enterprise IGA (e.g., SailPoint), PAM (e.g., Delinea), and IdP (e.g., Ping Federate) solutions.
    • Knowledge of Active Directory and Microsoft Entra ID architecture and administration.
    • Experience with Red Hat Identity Management (IdM) and establishing AD trusts.
    • Relevant API/Scripting certifications.

 Equal Opportunity Employer, including disability and protected veteran status