Posted today
Public Trust
Mid Level Career (5+ yrs experience)
Unspecified
IT - Security
Remote/Hybrid•Washington, DC (On-Site/Office)
ZT/ICAM Policy Analyst
Location: Washington, D.C. (Onsite minimum 2 days/week; may be required up to full-time onsite)
Clearance: Public Trust or DoD Secret preferred
Position Overview
We are seeking a Zero Trust / Identity, Credential, and Access Management (ZT/ICAM) Policy Analyst to support enterprise-wide identity governance, access control, and Zero Trust modernization initiatives across a federal environment. This role is ideal for someone who is highly detail-oriented, understands federal cybersecurity requirements, and can translate complex technical or architectural concepts into clear, actionable policies.
The analyst will evaluate existing identity and access processes, develop new ZT/ICAM-aligned policies and standards, and support governance bodies in implementing modern enterprise identity capabilities such as IGA, PAM, SSO/MFA, Credential Management, and data-driven access decisioning.
Key Responsibilities
Policy & Governance Development
Develop, revise, and maintain enterprise Zero Trust and ICAM policies, standards, procedures, and playbooks aligned with OMB, DHS, NIST, CISA Zero Trust Maturity Model, and agency-specific guidance.
Establish clear governance processes for identity lifecycle management, access control enforcement, privileged access management, user credentialing, and identity data quality.
Translate complex ICAM and Zero Trust concepts into clear, operational policy language for technical and non-technical audiences.
Identity & Access Program Support
Support the standing ICAM governance board(s), working groups, and tiger teams by preparing agendas, decision papers, technical position memos, and meeting summaries.
Review and analyze identity-related risks, gaps, and compliance findings to recommend policy, process, or control improvements.
Partner with technical engineering teams (SailPoint, CyberArk, Azure AD, PIV/Credentialing, federation services, etc.) to ensure policies reflect technical realities and modernization objectives.
Compliance, Audit, & Reporting
Analyze identity and access practices for alignment with OMB M-22-09, M-19-17, FISMA, NIST SP 800-53, 800-63, ICAM playbooks, and agency ZT strategy.
Create documentation that supports audits, ATO packages, readiness reviews, and architecture review boards.
Track policy adoption, exception requests, and compliance metrics; support reporting to senior leadership.
Stakeholder Engagement
Conduct interviews, workshops, and process walkthroughs with mission stakeholders, security teams, application owners, and HR/Directory teams.
Provide policy interpretation guidance and help stakeholders understand required changes driven by Zero Trust and ICAM modernization.
Support organizational change management and communication planning related to ZT/ICAM policy rollouts.
Qualifications
Required
Demonstrated experience (4–7+ years) supporting Identity & Access Management, Zero Trust, cybersecurity policy, or related governance functions in a federal or large enterprise environment.
Strong understanding of identity lifecycle processes, RBAC/ABAC, MFA/SSO, federation, credential management, IGA, and/or PAM concepts.
Familiarity with federal cybersecurity policies and frameworks (OMB, DHS CDM/ICAM, NIST SP 800-53, 800-63, CISA ZTMM).
Excellent writing, analytical thinking, and policy-translation skills.
P
referred
Active or prior federal clearance: Public Trust, Moderate Risk, High Risk, or DoD Secret.
Experience with federal identity platforms (SailPoint, CyberArk, Azure AD, Okta, PIV/CAC, ICAM credentialing systems).
Experience supporting large federal agencies, especially Treasury, IRS, DHS, DoD, or similar.
Location: Washington, D.C. (Onsite minimum 2 days/week; may be required up to full-time onsite)
Clearance: Public Trust or DoD Secret preferred
Position Overview
We are seeking a Zero Trust / Identity, Credential, and Access Management (ZT/ICAM) Policy Analyst to support enterprise-wide identity governance, access control, and Zero Trust modernization initiatives across a federal environment. This role is ideal for someone who is highly detail-oriented, understands federal cybersecurity requirements, and can translate complex technical or architectural concepts into clear, actionable policies.
The analyst will evaluate existing identity and access processes, develop new ZT/ICAM-aligned policies and standards, and support governance bodies in implementing modern enterprise identity capabilities such as IGA, PAM, SSO/MFA, Credential Management, and data-driven access decisioning.
Key Responsibilities
Policy & Governance Development
Develop, revise, and maintain enterprise Zero Trust and ICAM policies, standards, procedures, and playbooks aligned with OMB, DHS, NIST, CISA Zero Trust Maturity Model, and agency-specific guidance.
Establish clear governance processes for identity lifecycle management, access control enforcement, privileged access management, user credentialing, and identity data quality.
Translate complex ICAM and Zero Trust concepts into clear, operational policy language for technical and non-technical audiences.
Identity & Access Program Support
Support the standing ICAM governance board(s), working groups, and tiger teams by preparing agendas, decision papers, technical position memos, and meeting summaries.
Review and analyze identity-related risks, gaps, and compliance findings to recommend policy, process, or control improvements.
Partner with technical engineering teams (SailPoint, CyberArk, Azure AD, PIV/Credentialing, federation services, etc.) to ensure policies reflect technical realities and modernization objectives.
Compliance, Audit, & Reporting
Analyze identity and access practices for alignment with OMB M-22-09, M-19-17, FISMA, NIST SP 800-53, 800-63, ICAM playbooks, and agency ZT strategy.
Create documentation that supports audits, ATO packages, readiness reviews, and architecture review boards.
Track policy adoption, exception requests, and compliance metrics; support reporting to senior leadership.
Stakeholder Engagement
Conduct interviews, workshops, and process walkthroughs with mission stakeholders, security teams, application owners, and HR/Directory teams.
Provide policy interpretation guidance and help stakeholders understand required changes driven by Zero Trust and ICAM modernization.
Support organizational change management and communication planning related to ZT/ICAM policy rollouts.
Qualifications
Required
Demonstrated experience (4–7+ years) supporting Identity & Access Management, Zero Trust, cybersecurity policy, or related governance functions in a federal or large enterprise environment.
Strong understanding of identity lifecycle processes, RBAC/ABAC, MFA/SSO, federation, credential management, IGA, and/or PAM concepts.
Familiarity with federal cybersecurity policies and frameworks (OMB, DHS CDM/ICAM, NIST SP 800-53, 800-63, CISA ZTMM).
Excellent writing, analytical thinking, and policy-translation skills.
P
referred
Active or prior federal clearance: Public Trust, Moderate Risk, High Risk, or DoD Secret.
Experience with federal identity platforms (SailPoint, CyberArk, Azure AD, Okta, PIV/CAC, ICAM credentialing systems).
Experience supporting large federal agencies, especially Treasury, IRS, DHS, DoD, or similar.
group id: 91093749
