The Identity Access Management Specialist Senior supports SEC OIT under the ISS contract by designing, implementing, and operating enterprise identity and access capabilities across cloud and enterprise environments. This role leads hands-on engineering and sustainment of Microsoft Entra (Azure AD) and Microsoft ICAM-aligned solutions to ensure secure authentication, authorization, and lifecycle identity management. The position is responsible for enforcing Zero Trust access controls, including MFA, conditional access, RBAC, and privileged access governance, while integrating IAM services with business and technical systems. The role also supports continuous compliance and audit readiness through SOP-driven operations, control evidence, and remediation of security findings. Success in this role is measured by sustained access control compliance, timely audit finding closure, and reliable IAM service performance.
Primary Responsibilities
Identity Platform Engineering
- Design, implement, and manage enterprise IAM architecture supporting secure authentication and authorization across SEC systems.
- Administer Microsoft Entra services, including Entra ID and Entra Identity Governance, and related identity components.
- Implement and maintain identity lifecycle processes (joiner/mover/leaver), directory services, and secure account provisioning/deprovisioning.
- Lead IAM integration with enterprise applications and cloud services to deliver scalable, policy-driven access.
Access Governance and Privileged Access Management
- Implement and manage role-based access control (RBAC) to enforce least-privilege access.
- Configure and maintain MFA, conditional access policies, and privileged access management controls.
- Support governance workflows to sustain access appropriateness and policy compliance.
- Oversee policy enforcement for group management, account changes, and access expiration activities.
Zero Trust Security and Operations
- Apply Zero Trust identity controls in alignment with SEC ISS requirements and federal guidance, including OMB M-22-09 principles.
- Support secure authentication modernization, including removal of legacy methods and enforcement of strong access controls.
- Coordinate with infrastructure, endpoint, and security teams to validate device/user compliance and enforce access decisions.
- Provide advanced troubleshooting for complex authentication, authorization, and federation/integration issues.
Compliance, Audit, and Service Delivery
- Maintain IAM SOPs, runbooks, and technical documentation to support ATO sustainment and consistent operations.
- Support audit activities by producing control artifacts, resolving findings, and tracking corrective actions.
- Monitor IAM platform health, service performance, and security events; drive timely incident response and remediation.
- Deliver status reporting, risk updates, and continuous improvement recommendations to stakeholders.
Required Qualifications
Citizenship/Work Authorization: Must meet contract requirements.
Clearance: Ability to obtain and maintain SEC Public Trust (or higher if required).
Education: Bachelors in a relevant field (e.g., Information Technology, Computer Science, Engineering).
Experience:
- Minimum 8 years of experience in IAM or cybersecurity roles (typically within a 7-10 year IAM/cybersecurity background).
- Mandatory hands-on experience with Microsoft Entra (Azure AD) and Microsoft ICAM (Identity Credential and Access Management) solutions.
- Demonstrated experience implementing identity governance, MFA, conditional access, privileged access management, and integration with enterprise applications.
Technical Skills:
- Microsoft Entra (Azure AD) and Microsoft ICAM solution implementation and operations.
- Entra Identity Governance, MFA, Conditional Access, RBAC, and privileged access management.
- Secure authentication and authorization design across enterprise systems.
- IAM policy administration, platform operation and maintenance, and advanced IAM troubleshooting.
- Knowledge of compliance frameworks: NIST, CISA SCuBA, and ISO 27001.
Preferred Qualifications
- Experience supporting a federal civilian agency IT environment, preferably SEC or similarly regulated mission environments.
- Experience implementing and operationalizing CISA SCuBA-aligned controls in Microsoft 365 GCC.
- Experience integrating IAM controls with enterprise ticketing/workflow platforms (e.g., ServiceNow) and change management processes.
- Proven ability to lead IAM modernization initiatives aligned to Zero Trust architecture and cloud adoption.
- Experience mentoring junior IAM engineers and leading cross-functional technical efforts during incidents and audit remediation.
- Microsoft Certified: Identity and Access Administrator Associate (SC-300)
- Microsoft Certified: Cybersecurity Architect Expert (SC-100)
- CISSP
WORK ENVIRONMENT / OTHER
Operational Support: May require participation in on-call or surge support activities depending on operational needs.
Location: Telework
Travel: As required per contract direction.
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.
May 13, 2026
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range $87,100.00 - $157,450.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Leidos is a Fortune 500® innovation company rapidly addressing the world’s most vexing challenges in national security and health. The company's global workforce of 48,000 collaborates to create smarter technology solutions for customers in heavily regulated industries. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $15.4 billion for the fiscal year ended December 29, 2023.
Leidos was cited for the meaningful work employees perform that is challenging, impactful, and aligned with our customers’ missions as reasons professionals want to work and stay at our company. Leidos has also been named to lists including Forbes’ Best Employers for Diversity, Forbes’ America’s Best Employers for Women, Military Times Best for Vets Employers, and Ethisphere Institute’s World's Most Ethical Companies®.
Employees enjoy career enrichment opportunities available through mobility and development and experience rewarding relationships with supportive supervisors and talented colleagues and customers. Employees appreciate our flexible work environment, allowing for and encouraging a true work-life balance. Our professionals are also excited about our Employee Resource Groups, like the Collaborative Outreach with Remote and Embedded Employees (CORE), which strives to create an environment where every employee, regardless of location, feels fully engaged as a valued employee of Leidos.
Your most important work is ahead, visit careers.leidos.com for our latest opportunities.
