Identity Engineer (Directory Services & Automation)

Engineers and sustains identity services supporting DDSB operations, including directory integrations, identity provisioning workflows, and secure access patterns. This role focuses on automation and repeatable identity operations that reduce manual provisioning and improve control consistency.

Key Tasks & Responsibilities

• Create standardized, forward-looking, and compliant designs and solutions for directory services, identity, credentialing, access management engineering activities, including Cryptographic Key Management, Privileged Identity Management, Privileged Access Management, Identity Automation, Attribute Aggregation, PKI, and PKE.
• Engineer, design, update, and maintain the mJAD (medical Joint Active Directory) Technical Requirements and Architecture & Design documentation, ensuring alignment with DHA member server baselines, DISA STIGs, and industry best practices.
• Engineer and deliver current and future Microsoft Server Operating System Active Directory Services, Active Directory Lightweight Directory Services, Active Directory-integrated secure DNS roles across the medical enterprise.
• Maintain and update directory services engineering packages and associated risk assessments, and engineer, support, and integrate ADDS, ADLDS on current and future Microsoft Server operating systems in coordination with other enterprise teams and programs.
• Engineer identity solutions enabling MHS (Military Health System) administrators to manage persons, non-person entities, groups, and authorized assets, control access to resources by associating user rights and restrictions with authenticated identities.
• Engineer identity management functionality including policy definition, reporting, alerts, alarms in line with management and operational requirements and DoD Enterprise ICAM Reference Design guidance.
• Provide system requirements for MHS directory services to ensure identity and directory solutions comply with technical architecture authorization standards and DoDI 8520.03.

Education & Experience

• Master's degree in Information Technology, Cybersecurity, Computer Science, Data Science, Engineering, Mathematics, or a closely related discipline or equivalent practical experience (as permitted by the contract). Minimum 6 years of relevant experience supporting enterprise IT environments, with demonstrated work aligned to Identity Engineering Services.

Certifications

• At least one: FITSP-D, GCSA, GISF, or SSCP.
• Alternate/equivalent certifications may be accepted with Government approval.
• Preferred/Work-center dependent: Microsoft Certified: Cyber Security Architect Expert or Microsoft Certified: Azure Solutions Architect Expert.

Security Clearance

• Must be able to obtain and maintain Public Trust suitability and all required system access (e.g., CAC-enabled accounts) to perform duties.

Other (Travel, Work Environment, DoD 8570 Requirements, Administrative Notes, etc.)

• Work is primarily on-site in San Antonio, TX; limited remote work may be allowed when authorized by the Government and mission requirements permit. Work may require after-hours, weekend, and/or on-call support as directed, including support during scheduled maintenance windows, high-impact incidents, vulnerability response actions, inspections, and surge periods.
• This position is aligned to applicable DoD Manual 8140.03 work role 632 (NIST: SP-SYS-002); contractor personnel must meet DoD 8570.01-M baseline certification requirements and transition to DoD Manual 8140.03 work role requirements, including required training, knowledge, skills, abilities, and tasks, within Government-directed timelines.

Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.

Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources at [email protected] .

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.