Job Description

The Access Control Specialist supports the SEC ISS contract by administering secure, timely access to enterprise systems and data. This role manages full account lifecycle activities (joiner, mover, leaver), validates access changes, and maintains accurate, current account information. The position applies Microsoft Active Directory and core access control practices to enforce approved access. The specialist also maintains access control procedures and documentation to support SEC policy compliance, audit readiness, and operational effectiveness.

Primary responsibilities

ACCOUNT LIFECYCLE ADMINISTRATION

- Create, modify, disable, and terminate user accounts based on approved requests and established timelines.

- Execute joiner/mover/leaver workflows, including account expiration and deprovisioning controls.

- Validate approvals and request details before implementing access changes.

- Track, update, and resolve access-related requests and escalations in the designated ticketing system.

GROUP, MAILBOX, AND FILE PERMISSIONS MANAGEMENT

- Manage security and distribution groups, including membership updates and periodic validation.

- Administer mailbox permissions and delegation settings for individual and shared mail resources.

- Configure and maintain file and folder permissions according to approved access needs.

- Correct stale, conflicting, or excessive permissions to maintain appropriate access.

DIRECTORY SERVICES AND ACCESS CONTROL SUPPORT

- Maintain Microsoft Active Directory account attributes and directory data accuracy across systems.

- Ensure account information remains accurate, complete, and current.

- Coordinate with security and system owners to ensure access controls remain current and enforceable.

- Support routine validation activities for access provisioning and account changes.

PROCEDURES, COMPLIANCE, AND CONTINUOUS IMPROVEMENT

- Maintain and update access control protocols, SOPs, and process documentation.

- Produce audit-ready records for access provisioning, changes, and terminations.

- Identify recurring access issues and recommend process improvements.

- Support compliance with SEC security policies and contract requirements.

Required qualifications

Citizenship/Work Authorization: Must meet contract requirements.

Clearance: Ability to obtain and maintain SEC Public Trust (or higher if required).

Education: Bachelors.

Experience:

- Minimum 2 years of experience administering access control in an enterprise IT environment.

- Experience managing account creation, modification, termination, and expiration processes.

- Experience managing groups, mailbox permissions, and file permissions while maintaining accurate account records.

Technical Skills:

- Microsoft Active Directory and underlying directory service concepts.

- User account lifecycle administration (account creation, modification, and termination).

- Group administration and permission management.

- Mailbox and file permission management.

- Access control protocol and SOP maintenance.

Preferred qualifications

The following are preferred qualifications aligned to the SEC ISS IAM operating environment:

- Experience supporting federal agency IT environments with formal security and compliance requirements.

- Hands-on experience with Microsoft Entra ID and hybrid identity administration.

- Familiarity with RBAC, identity governance, MFA, and privileged access concepts.

- Working knowledge of FISMA/NIST-aligned access control practices.

- Experience using PowerShell or similar scripting tools to automate access administration tasks.

- Microsoft Certified: Identity and Access Administrator Associate (SC-300)

- CompTIA Security+

- ITIL 4 Foundation

WORK ENVIRONMENT / OTHER

Operational Support: May require participation in on-call or surge support activities depending on operational needs.

Location: On-site at SEC HQ, Washington, DC

Travel: As required per contract direction.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

May 13, 2026

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $50,700.00 - $91,650.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.