Job Title: Identity, Credential, and Access Management (ICAM) Engineer- SailPoint

Job Summary:

The ICAM Engineer will be responsible for the design, deployment, and management of identity, credential, and access management solutions for a large federal agency. The successful candidate will possess a deep understanding of identity governance and administration (IGA) principles, with a particular focus on SailPoint technologies. The role requires a blend of technical expertise, strategic thinking, and effective communication to ensure that the ICAM infrastructure supports the organization's security posture and business objectives.

Key Responsibilities:

Design, implement, and maintain robust ICAM solutions using SailPoint IdentityIQ, ensuring alignment with industry best practices and regulatory requirements.

Collaborate with IT and cybersecurity teams to integrate ICAM solutions with existing systems and applications, facilitating seamless user experiences and secure access control.

Develop and maintain policies, procedures, and documentation related to identity lifecycle management, access certifications, role-based access control (RBAC), and segregation of duties (SoD).

Conduct regular system audits and access reviews to ensure compliance with internal policies and external regulations, such as SOX, HIPAA, or GDPR.

Troubleshoot and resolve complex technical issues related to ICAM systems, providing tier 3 support as needed.

Lead the effort in automating provisioning and deprovisioning processes, enhancing operational efficiency and reducing the potential for human error.

Engage with stakeholders across the organization to gather requirements, provide ICAM-related guidance, and ensure that access management needs are met in a secure and compliant manner.

Stay abreast of emerging trends and technologies in the ICAM space, evaluating and recommending tools and practices that can enhance our security posture.

Participate in the development and delivery of ICAM training materials to educate end-users and IT staff on best practices and system functionalities.

Qualifications:

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Minimum 7 years of Information Technology experience

Minimum of 3 years of experience in identity and access management, with hands-on experience with SailPoint IdentityIQ.

Strong understanding of identity governance, directory services, SSO, MFA, and privileged access management.

Experience with scripting and automation tools (e.g., PowerShell, Python) is highly desirable.

Excellent problem-solving skills and the ability to work independently as well as collaboratively in a team environment.

Strong communication and interpersonal skills, with the ability to explain complex technical concepts to non-technical stakeholders.

Relevant certifications such as SailPoint Certified IdentityIQ Engineer, or similar credentials are preferred.

DoD Secret clearance is preferred but not required. Must be able to obtain Public Trust at minimum.

Occasional travel (Up to 10%) to support customer meetings or corporate initiatives may be required.

Basic Qualifications:

Red River offers a competitive salary, excellent benefits and an exceptional work environment. If you are ready to join a growing company, please submit your resume and cover letter (optional).

EOE M/F/DISABLED/Vet

Red River is an equal opportunity employer and makes employment decisions based on business needs, job requirements and individual qualifications, without regard to race, color, religion, national origin, sex (including pregnancy), sexual orientation, gender identity or expression, marital status, age, family medical history or genetic information, disability, past or present military service, or any other characteristics protected under the laws applicable in the locations where Red River operates.  Red River will not tolerate discrimination or harassment based on any of these characteristics. 

Red River does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies in response to job postings or otherwise. Placement fees will not be paid to any recruiter unless Red River has an active agreement in place with the recruiter and such a request has been made by the Red River Talent Acquisition team and such candidate was submitted to the Red River Talent Acquisition Team via our Applicant Tracking System. Any unsolicited resumes or other data submitted to Red River in violation of this policy may be used by Red River without obligation to pay any fees of any kind to the recruiter.