Job Requirements
Beavercreek Township, OH
Top Secret/SCI Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Title:
Lead Architect - Identity, Credential, and Access Management (ICAM)
Belong. Connect. Grow. with KBR!
KBR is seeking a Lead Architect for Identity, Credential, and Access Management (ICAM) to lead the design, integration, and modernization of enterprise identity solutions supporting mission-critical systems within NASIC. This role serves as the technical lead for AFISRE and drives Zero Trust identity capabilities across NASIC and the AF enterprise in support of Air Force Digital Transformation initiatives. The ideal candidate will bring deep expertise in identity security, cloud-native architectures, and DevSecOps, with the ability to lead both technical teams and customer engagements.
Key Responsibilities:
Serve as the enterprise technical lead for ICAM architecture, engineering, and integration
Design and Execute the ICAM strategy, roadmap, and modernization initiatives
Architect and implement Zero Trust identity and access management solutions
Design authentication, authorization, federation, and identity governance capabilities
Integrate ICAM solutions across multi-domain, cloud, and mission system environments
Provide subject matter expertise in privileged access management (PAM) and identity governance
Ensure compliance with DoD, NIST, and Intelligence Community standards and frameworks
Lead and mentor engineering teams, architects, and developers
Engage directly with government stakeholders and mission partners
Support secure identity integration across data platforms, applications, and enterprise services
Lead customer engagement
Any other tasks closely associated with the performance of duties listed above
Required Qualifications:
Active Top Secret/SCI (TS/SCI) clearance
Bachelor's degree in a STEM field with 15+ years of relevant experience
Deep understanding of Zero Trust, Identity-as-a-Service (IDaaS), and modern access control models
Extensive experience designing and implementing enterprise ICAM solutions and PKI
Strong knowledge of Active Directory and enterprise identity services
Experience with authentication and federation protocols (SAML, OAuth 2.0, OpenID Connect)
Proven experience architecting cloud-based environments (AWS, Azure)
Hands-on experience with containerization and orchestration (Docker, Kubernetes)
Experience implementing DevSecOps practices and CI/CD pipelines
Proficiency in Linux/Unix operating systems
Development experience in Golang and Python
Experience with relational databases and SQL (MariaDB, PostgreSQL)
Experience working in Agile development environments
Strong written and verbal communication skills
Ability to operate effectively in a secure, in-person/closed-area environment
Desired Qualifications:
Experience with service mesh and identity platforms (Istio, Keycloak)
Demonstrated expertise in cloud-native and DevSecOps ecosystems, including Helm, YAML, GitLab, and ArgoCD
Strong knowledge of Active Directory
Experience with SAML, OAuth 2.0, OpenID Connect
Experience implementing observability and monitoring solutions (Grafana, Prometheus)
Familiarity with Open Policy Agent (OPA) and policy-as-code frameworks
Web development experience using React, TypeScript, Angular, with a focus on UI/UX
Experience architecting and developing ICAM / Identity Security systems and software
Familiarity with cross-domain solutions and secure data transfer in classified environments
Deep knowledge of Zero Trust frameworks, including:
NIST SP 800-207
NIST SP 800-63-4
DoD Zero Trust Reference Architecture (v2.0)
Relevant certifications such as CISSP, CISM, CASP+, Security+
Agile certifications (CSM, CSPO, SAFe)
Experience supporting large IDIQ contracts and federal acquisition processes
Experience supporting DoD and/or Intelligence Community (IC) programs
Belong, Connect and Grow at KBR
At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company. That commitment is central to our team of team's philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver - Together.
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
Lead Architect - Identity, Credential, and Access Management (ICAM)
Belong. Connect. Grow. with KBR!
KBR is seeking a Lead Architect for Identity, Credential, and Access Management (ICAM) to lead the design, integration, and modernization of enterprise identity solutions supporting mission-critical systems within NASIC. This role serves as the technical lead for AFISRE and drives Zero Trust identity capabilities across NASIC and the AF enterprise in support of Air Force Digital Transformation initiatives. The ideal candidate will bring deep expertise in identity security, cloud-native architectures, and DevSecOps, with the ability to lead both technical teams and customer engagements.
Key Responsibilities:
Serve as the enterprise technical lead for ICAM architecture, engineering, and integration
Design and Execute the ICAM strategy, roadmap, and modernization initiatives
Architect and implement Zero Trust identity and access management solutions
Design authentication, authorization, federation, and identity governance capabilities
Integrate ICAM solutions across multi-domain, cloud, and mission system environments
Provide subject matter expertise in privileged access management (PAM) and identity governance
Ensure compliance with DoD, NIST, and Intelligence Community standards and frameworks
Lead and mentor engineering teams, architects, and developers
Engage directly with government stakeholders and mission partners
Support secure identity integration across data platforms, applications, and enterprise services
Lead customer engagement
Any other tasks closely associated with the performance of duties listed above
Required Qualifications:
Active Top Secret/SCI (TS/SCI) clearance
Bachelor's degree in a STEM field with 15+ years of relevant experience
Deep understanding of Zero Trust, Identity-as-a-Service (IDaaS), and modern access control models
Extensive experience designing and implementing enterprise ICAM solutions and PKI
Strong knowledge of Active Directory and enterprise identity services
Experience with authentication and federation protocols (SAML, OAuth 2.0, OpenID Connect)
Proven experience architecting cloud-based environments (AWS, Azure)
Hands-on experience with containerization and orchestration (Docker, Kubernetes)
Experience implementing DevSecOps practices and CI/CD pipelines
Proficiency in Linux/Unix operating systems
Development experience in Golang and Python
Experience with relational databases and SQL (MariaDB, PostgreSQL)
Experience working in Agile development environments
Strong written and verbal communication skills
Ability to operate effectively in a secure, in-person/closed-area environment
Desired Qualifications:
Experience with service mesh and identity platforms (Istio, Keycloak)
Demonstrated expertise in cloud-native and DevSecOps ecosystems, including Helm, YAML, GitLab, and ArgoCD
Strong knowledge of Active Directory
Experience with SAML, OAuth 2.0, OpenID Connect
Experience implementing observability and monitoring solutions (Grafana, Prometheus)
Familiarity with Open Policy Agent (OPA) and policy-as-code frameworks
Web development experience using React, TypeScript, Angular, with a focus on UI/UX
Experience architecting and developing ICAM / Identity Security systems and software
Familiarity with cross-domain solutions and secure data transfer in classified environments
Deep knowledge of Zero Trust frameworks, including:
NIST SP 800-207
NIST SP 800-63-4
DoD Zero Trust Reference Architecture (v2.0)
Relevant certifications such as CISSP, CISM, CASP+, Security+
Agile certifications (CSM, CSPO, SAFe)
Experience supporting large IDIQ contracts and federal acquisition processes
Experience supporting DoD and/or Intelligence Community (IC) programs
Belong, Connect and Grow at KBR
At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company. That commitment is central to our team of team's philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver - Together.
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
group id: 10166755
We Value Our People
