Lead Architect - Identity, Credential, And Access Management (ic

Lead Architect - Identity, Credential, and Access Management (ICAM)

Location: Beavercreek, OH
Minimum Clearance Required to Start: TS to apply

More about your role:
At NASK, we're growing, building great teams, and doing exciting work. You can be part of an entrepreneurial environment rich in opportunity and reward - all while helping us deliver critical, mission-focused solutions for the Intelligence and Military Communities. NASK provides the National Air and Space Intelligence Center (NASIC) with support for the research, development, and sustainment of new and existing hardware, systems, and software capabilities that enable scientific and technical intelligence production for the United States military services and national-level intelligence efforts through 2033. We are a delivery-oriented, fast-growing company, and we invite you to join our talented team.

Position Overview

NASK is seeking a Lead Architect for Identity, Credential, and Access Management (ICAM) to lead the design, integration, and modernization of enterprise identity solutions supporting mission-critical systems within NASIC. This role serves as the technical lead for AFISRE and drives Zero Trust identity capabilities across NASIC and the AF enterprise in support of Air Force Digital Transformation initiatives. The ideal candidate will bring deep expertise in identity security, cloud-native architectures, and DevSecOps, with the ability to lead both technical teams and customer engagements.

Key Responsibilities:

• Serve as the enterprise technical lead for ICAM architecture, engineering, and integration
• Design and Execute the ICAM strategy, roadmap, and modernization initiatives
• Architect and implement Zero Trust identity and access management solutions
• Design authentication, authorization, federation, and identity governance capabilities
• Integrate ICAM solutions across multi-domain, cloud, and mission system environments
• Provide subject matter expertise in privileged access management (PAM) and identity governance
• Ensure compliance with DoD, NIST, and Intelligence Community standards and frameworks
• Lead and mentor engineering teams, architects, and developers
• Engage directly with government stakeholders and mission partners
• Support secure identity integration across data platforms, applications, and enterprise services
• Lead customer engagement

Any other tasks closely associated with the performance of duties listed above

Required Qualification:

• Active Top Secret/SCI (TS/SCI) clearance
• Bachelor's degree in a STEM field with 15+ years of relevant experience
• Deep understanding of Zero Trust, Identity-as-a-Service (IDaaS), and modern access control models
• Extensive experience designing and implementing enterprise ICAM solutions and PKI
• Strong knowledge of Active Directory and enterprise identity services
• Experience with authentication and federation protocols (SAML, OAuth 2.0, OpenID Connect)
• Proven experience architecting cloud-based environments (AWS, Azure)
• Hands-on experience with containerization and orchestration (Docker, Kubernetes)
• Experience implementing DevSecOps practices and CI/CD pipelines
• Proficiency in Linux/Unix operating systems
• Development experience in Golang and Python
• Experience with relational databases and SQL (MariaDB, PostgreSQL)
• Experience working in Agile development environments
• Strong written and verbal communication skills
• Ability to operate effectively in a secure, in-person/closed-area environment

Preferred Qualifications

• Experience with service mesh and identity platforms (Istio, Keycloak)
• Demonstrated expertise in cloud-native and DevSecOps ecosystems, including Helm, YAML, GitLab, and ArgoCD
• Strong knowledge of Active Directory
• Experience with SAML, OAuth 2.0, OpenID Connect
• Experience implementing observability and monitoring solutions (Grafana, Prometheus)
• Familiarity with Open Policy Agent (OPA) and policy-as-code frameworks
• Web development experience using React, TypeScript, Angular, with a focus on UI/UX
• Experience architecting and developing ICAM / Identity Security systems and software
• Familiarity with cross-domain solutions and secure data transfer in classified environments
• Deep knowledge of Zero Trust frameworks, including:
• NIST SP 800-207
• NIST SP 800-63-4
• DoD Zero Trust Reference Architecture (v2.0)
• Relevant certifications such as CISSP, CISM, CASP+, Security+
• Agile certifications (CSM, CSPO, SAFe)
• Experience supporting large IDIQ contracts and federal acquisition processes
• Experience supporting DoD and/or Intelligence Community (IC) programs

Who we are:

Our people are the core of who we are and what we do. NASK has two decades of experience delivering innovative solutions to the tough technical challenges facing our partners in the Intelligence and Military Communities. Our subject matter experts mentor junior developers and analysts, bringing together the wisdom of real-world experience with fresh approaches to solve the toughest mission problems.

Benefits:
At NASK, our employees are the backbone of our company, so we provide unsurpassed benefits and work-life balance. Employees are provided with individual offices and collaboration spaces to foster individual and team success. We have a casual yet professional work environment - Employees work hard, and NASK offers a competitive benefits package that equates to 50% on top of your annual base salary. This is split between a tax-qualified profit-sharing retirement plan that NASK contributes to (up to allowable IRS limits) and a cafeteria plan for benefits. For a comprehensive overview of our benefits, visit the benefits tab under our careers page: https://nask.world/company/careers/

Compensation:
NASK Incorporated considers several factors when extending an offer, including but not limited to the role and responsibilities, work experience, education, training, certifications, geographic location, and market data. These are general guidelines and not a guarantee of compensation or salary.
Please be aware that many of our positions require the ability to obtain or maintain a U.S security clearance which requires U.S citizenship.

EEO Statement:
**NASK provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, transfers, leaves of absence, as well as compensation and training.

MC08