Hampton, Virginia, USA
17 hours ago
ICAM Systems Administrator
ICAM Systems Administrator

Job Category: Information Technology

Time Type: Full time

Minimum Clearance Required to Start: TS/SCI

Employee Type: Regular

Percentage of Travel Required: Up to 10%

Type of Travel: Continental US

* * *

Join our Kessel Run All-Domain Operations Suite (KRADOS) team where you will be working to support the modernization and operational sustainment of the next Air Operations Center (AOC) baseline that serves as the foundational environment to execute air power objectives. As part of this team you will be a part of the process to rapidly develop, produce, and deploy software across the AOC baseline, while continuously iterating and improving upon those software applications. This contract will support efforts to develop and continuously integrate and develop the KRADOS suite into multiple Air Operations Centers across the globe and support joint operations to enhance the overall ecosystem across all services.
 

Responsibilities:

24/7 onsite support (System Administrator) for operational Kessel Run Identity Management (KRIDx) and other Identity, Credential, and Access Management (ICAM) capability issue resolution.Performs all ICAM-related deployments into IL4 and IL6 environments.Collaborate with ICAM development team to provide feedback on operational issues, coordinate deployment activities, and ensure close communication in all areas with ICAM platform development implications.Troubleshoot and resolve user account issues.Perform all ICAM-related deployments, upgrades and database migrations to IL4 and IL6 environments.Assist application teams with ICAM integration.Monitor and audit access requests and user permissions.Provide reach back support to the KRIDx development team for product testing, documentation, and training.Monitor support requests for trends and provide recommended solutions to the leadership to decrease support requests.Assist with security assessment teams to ensure compliance with ICAM security standards.Implement immediate workaround fix actions for issues and security vulnerabilities.Conduct root cause analysis and take corrective actions following security incidents.Conduct regular risk assessments to identify vulnerabilities and potential threats, and evaluate compliance with published security policy.Monitor health and status of ICAM stack.Coordinate ICAM updates with AOCs and manage/maintain upgrade schedule.Manage and monitor integrations with external ICAM and DoD systems.Perform incident response.Monitor and manage SSL certificates for ICAM servers.Provide feedback on ICAM designs/implementation on their ability to support functional and security requirements.Utilize Git for source code management.Create and modify Docker files for container creation.Publish containers to a centralized repository (e.g., Harbor or Nexus).Create and modify Kubernetes deployment files.Create and modify GitLab CI workflows.Create and modify ArgoCD workflows.Create and manage Keycloak realms, users, groups, and roles.Manage Keycloak external identity providers and user/group mappings.Troubleshoot application authentication with Keycloak.



Qualifications:
Required:

3+ years of experience in SRE or DevOps.Possesses current CompTIA Security+ certification.Possesses active TS/SCI clearance.Experience with cloud computing concepts, architectures, and security best practices.Experience with Microsoft Active Directory (AD) design and support.Experience with ICAM and SSO concepts and implementations.Understanding of Kubernetes container orchestration, networking concepts, and deployment strategies.


Desired:

Have foundational knowledge with:o SAMLo OpenID Connect (OIDC)o OAuth 2.0o System for Cross Domain Identi ty Management (SCIM)o SOAP and Rest APIsExperience with Keycloak.Experience with GitLab CI.

-

______________________________________________________________________________

What You Can Expect:

 

A culture of integrity.

At CACI, we place character and innovation at the center of everything we do. As a valued team member, you’ll be part of a high-performing group dedicated to our customer’s missions and driven by a higher purpose – to ensure the safety of our nation.

 

An environment of trust.

CACI takes pride in fostering a diverse and accessible culture where every individual feels supported to chart their own path. You’ll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.

 

A focus on continuous growth.

Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground — in your career and in our legacy.

 

Your potential is limitless. So is ours.

Learn more about CACI here.

______________________________________________________________________________

Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits. Learn more here.

The proposed salary range for this position is:

$68,400-$143,700

CACI is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
Confirm your E-mail: Send Email