Lead Architect - Identity, Credential, And Access Management (Icam)

Title:

Lead Architect- Identity, Credential, and Access Management (ICAM)

Belong. Connect. Grow. with KBR!

KBR is seeking a Lead Architect for Identity, Credential, and Access Management (ICAM) to lead the design, integration, and modernization of enterprise identity solutions supporting mission-critical systems within NASIC. This role serves as the technical lead for AFISRE and drives Zero Trust identity capabilities across NASIC and the AF enterprise in support of Air Force Digital Transformation initiatives. The ideal candidate will bring deep expertise in identity security, cloud-native architectures, and DevSecOps, with the ability to lead both technical teams and customer engagements.

Key Responsibilities:

Serve as the enterprise technical lead for ICAM architecture, engineering, and integration

Design and Execute the ICAM strategy, roadmap, and modernization initiatives

Architect and implement Zero Trust identity and access management solutions

Design authentication, authorization, federation, and identity governance capabilities

Integrate ICAM solutions across multi-domain, cloud, and mission system environments

Provide subject matter expertise in privileged access management (PAM) and identity governance

Ensure compliance with DoD, NIST, and Intelligence Community standards and frameworks

Lead and mentor engineering teams, architects, and developers

Engage directly with government stakeholders and mission partners

Support secure identity integration across data platforms, applications, and enterprise services

Lead customer engagement

Any other tasks closely associated with the performance of duties listed above

Required Qualifications:

Active Top Secret/SCI (TS/SCI) clearance

Bachelor's degree in a STEM field with 15+ years of relevant experience

Deep understanding of Zero Trust, Identity-as-a-Service (IDaaS), and modern access control models

Extensive experience designing and implementing enterprise ICAM solutions and PKI

Strong knowledge of Active Directory and enterprise identity services

Experience with authentication and federation protocols (SAML, OAuth 2.0, OpenID Connect)

Proven experience architecting cloud-based environments (AWS, Azure)

Hands-on experience with containerization and orchestration (Docker, Kubernetes)

Experience implementing DevSecOps practices and CI/CD pipelines

Proficiency in Linux/Unix operating systems

Development experience in Golang and Python

Experience with relational databases and SQL (MariaDB, PostgreSQL)

Experience working in Agile development environments

Strong written and verbal communication skills

Ability to operate effectively in a secure, in-person/closed-area environment

Desired Qualifications:

Experience with service mesh and identity platforms (Istio, Keycloak)

Demonstrated expertise in cloud-native and DevSecOps ecosystems, including Helm, YAML, GitLab, and ArgoCD

Strong knowledge of Active Directory

Experience with SAML, OAuth 2.0, OpenID Connect

Experience implementing observability and monitoring solutions (Grafana, Prometheus)

Familiarity with Open Policy Agent (OPA) and policy-as-code frameworks

Web development experience using React, TypeScript, Angular, with a focus on UI/UX

Experience architecting and developing ICAM / Identity Security systems and software

Familiarity with cross-domain solutions and secure data transfer in classified environments

Deep knowledge of Zero Trust frameworks, including:

NIST SP 800-207

NIST SP 800-63-4

DoD Zero Trust Reference Architecture (v2.0)

Relevant certifications such as CISSP, CISM, CASP+, Security+

Agile certifications (CSM, CSPO, SAFe)

Experience supporting large IDIQ contracts and federal acquisition processes

Experience supporting DoD and/or Intelligence Community (IC) programs

Belong, Connect and Grow at KBR

At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company. That commitment is central to our team of team's philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver- Together.

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.