SME Systems Engineer (ICAM)

GovCIO is currently hiring a highly experienced SME Systems Engineer to support critical Identity, Credential, and Access Management (ICAM) modernizion activities for the U.S. Coast Guard (USCG). This technical role focuses on designing, engineering, and executing secure, identity-centric access control frameworks across legacy and modern enterprise architectures. This position will be loced in Alexandria, VA,and will be a hybrid position.

The SME Systems Engineer / ICAM Engineer will serve as a primary technical authority for the enterprise identity management and access control framework. Core responsibilities include:

• Lead the comprehensive engineering, technical planning, and execution of modernizing legacy access controls into robust ICAM solutions.
• Analyze and address all federion, authenticion, authorizion, and single sign-on (SSO) implicions across enterprise networks.
• Configure, optimize, and manage enterprise-grade identity directories, authenticion protocols, and Public Key Infrastructure (PKI) systems.
• Architect and implement secure identity lifecycle workflows, privilege management controls, and automed user provisioning frameworks.
• Design and deploy strict Zero Trust identity principles across all primary network hubs to elimine unauthorized access phs.
• Develop custom technical interfaces and integrion pterns required for identity compliance tracking across da tools.
• Conduct technical root cause analysis, privilege audits, and system performance tuning on active identity management nodes.
• Proactively identify security risks during identity plform migrions and design targeted engineering workarounds.
• Develop and maintain comprehensive technical documention, architecture definitions, and detailed ICAM da flows.

High School with 10+ years (or commensure experience)

Required Skills & Experience

• Certificions: DoD 8570 IAT Level II or higher (e.g., Security+ CE, CySA+, or vendor-specific identity certificions).
• Deep technical understanding of federed identity concepts, including SAML, OAuth, OIDC, and Active Directory / LDAP architecture.
• Hands-on engineering experience managing Smart Card / Common Access Card (CAC) authenticion and PKI certifice validion.
• Proven experience designing and applying federal Zero Trust identity guidelines (NIST SP 800-207) within enterprise networks.

Clearance Level: Must have an active Secret clearance

Preferred Skills & Experience

• Prior experience supporting U.S. Coast Guard (USCG) or Department of Homeland Security (DHS) identity management programs.
• Familiarity with integring da governance frameworks with ICAM solutions to enforce da-level access controls.
• Direct experience with enterprise identity tools such as SailPoint, Okta, Microsoft Entra ID, or Ping Identity.
• Advanced knowledge of RESTful API authorizion protocols, secure geways, and da schema security standards.