Technical Leadership- Manage a team handling complex, multi-system PIV/PKI issues (certificate failures, smart card logon errors, middleware failures, CRL/OCSP issues, workstation trust issues, email signing/encryption problems).
- Oversee deep-dive investigation of incidents that cannot be resolved by Tier 1/2.
- Guide root-cause analysis and create remediation plans for recurring identity issues.
- Provide expert troubleshooting covering Windows, AD/Entra ID, certificate authorities, PKI validation, workstation cert stores, CRLs/OCSP, middleware, VPN, and secure email.
Stakeholder & Engineering Coordination- Act as the coordination point between Tier 3 support and additional VA support teams assisting end users.
- Drive technical investigations and collaborate on changes or fixes affecting PIV/ICAM workflows.
- Communicate technical findings and recommended improvements to VA program leadership.
Incident, Problem & Change Management- Own all Tier 3 escalations, ensuring they meet SLA for response and resolution.
- Lead Problem Management efforts: document known errors, identify trends, propose permanent fixes.
- Validate technical solutions or workarounds before push-down to lower tiers.
- Review and approve changes impacting identity/authentication systems (cert authority updates, CRL distribution changes, middleware upgrades, GPO updates).
Knowledge & Process Development- Create and maintain detailed runbooks and troubleshooting guides for complex PIV issues.
- Provide training and technical coaching to Tier 2 analysts as needed.
- Identify automation opportunities to reduce manual troubleshooting.
Compliance & Security- Ensure Tier 3 operations adhere to federal identity, credentialing, and security standards.
- Maintain strict handling of sensitive data (PII/PHI) within identity systems.
- Support audit activities with technical evidence and documentation.
Required Qualifications- 5-10+ years in IT support, with 3+ years managing advanced technical teams.
- Strong hands-on experience with PIV, PKI, certificates, smart card authentication, and Windows trust environments.
- Strong understanding of HSPD-12, FIPS 201, NIST SP 800-63 and related federal identity standards.
- Deep technical experience with Active Directory, group policy, cert authorities, CRL/OCSP validation, and authentication flows.
- Experience leading escalations and root-cause investigations in enterprise/federal environments.
- Proficiency in ServiceNow or similar ITSM tools.
- Ability to obtain/maintain Public Trust clearance.
Preferred Qualifications- Experience supporting VA identity systems and workflows.
- Previous work with certificate authority platforms (Entrust, HID/ActivID, RSA, etc.).
- Experience with device management (SCCM/Intune).
- ITIL v4 certification.
- Familiarity with secure email (S/MIME) and authentication integrations with cloud services.
Core Competencies- Expert-level troubleshooting & analytical thinking.
- Strong leadership for technical teams.
- Clear communication of complex issues to non-technical stakeholders.
- Process rigor (ITIL, RCA, documentation).
- Cross-team collaboration & diplomacy in high-visibility escalations.
Compensation RangesCompensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.
DisclaimerThe preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.