PKI / IAM Security EngineerJob number: 879This is a remote position.The
Veterans Affairs business unit helps transform the VA into a modern digital services organization where Veteran outcomes are at the center of every effort. We partner with the VA to design and deliver seamless user experiences for Veterans, their families and caregivers, and VA employees. By applying better practices in service design, product management, and technology, we enable the VA to increase the use, quality, and reliability of services and decrease the time Veterans spend waiting for outcomes.
Primary Responsibilities:As a PKI / IAM Security Engineer, you will design, implement, and operate the identity, credential, and access management (ICAM) and public key infrastructure (PKI) capabilities that secure a large federal enterprise cloud platform. You will translate federal identity and security requirements into engineered, automated solutions that protect access to mission-critical systems serving Veterans. Primary expectations of a PKI / IAM Security Engineer include:
- Engineering and operating identity, credential, and access management (ICAM) services, including authentication, authorization, federation, and single sign-on for platform applications
- Implementing and maintaining public key infrastructure (PKI), including certificate issuance, renewal, revocation, and key lifecycle management
- Integrating Personal Identity Verification (PIV) card-based authentication in accordance with HSPD-12 and FIPS 201
- Configuring and managing cloud identity and access management (AWS IAM), including roles, policies, and least-privilege access across multi-account environments
- Applying federal identity standards and frameworks, including NIST SP 800-63 Digital Identity Guidelines and the Federal ICAM (FICAM) architecture, to platform design and operations
- Advancing zero-trust principles across identity and access controls
- Automating identity and access provisioning through infrastructure as code (Terraform) and supporting the platform's Authority to Operate (ATO) with audit-ready evidence
- Producing technical documentation and translating complex identity and security concepts for a range of stakeholders
- Working with government partners and application teams to ensure systems meet security, compliance, and access requirements
Basic Qualifications: - Bachelor's and 3+ years of experience; relevant experience may be substituted for education
- Hands-on experience with identity and access management (IAM) and/or public key infrastructure (PKI) in an enterprise or cloud environment
- Working knowledge of authentication and authorization protocols (e.g., SAML, OAuth 2.0, OIDC, LDAP) and certificate management
- Familiarity with federal identity standards such as PIV / HSPD-12, FIPS 201, or NIST SP 800-63
- Must be able to obtain and maintain a U.S. Public Trust / suitability determination
Preferred Qualifications:- Prior experience with the Department of Veterans Affairs
- Experience with cloud IAM (AWS), federation, and single sign-on at scale
- Familiarity with FICAM, zero-trust architecture, and NIST 800-53
- Relevant certifications (e.g., CompTIA Security+, AWS Security Specialty, identity platform certifications, CISSP)
- Experience automating identity workflows with infrastructure as code (Terraform)
To learn more about working at Ad Hoc, please visit:https://adhocteam.us/join
Benefits:- Company-subsidized health, dental, and vision insurance
- Flexible PTO
- 401K with employer match
- Paid parental leave after one year of service
- Employee Assistance Program
In support of various state and city equal pay transparency laws, Ad Hoc job descriptions feature the starting range we reasonably expect to pay to candidates who would join our team with little to no need for training on the responsibilities we've outlined above. Actual compensation is influenced by a wide range of factors including but not limited to skill set, level of experience, and responsibility. The range of starting pay for this role is $130,000-$135,000. Our recruiters will be happy to answer any questions you may have, and we look forward to learning more about your salary requirements.
job reference:
https://adhoc.team/