Job Requirements
Washington, DC
Public Trust Polygraph Unspecified
Career Level not specified
$98,000 - $163,000
Job Description
IT Cyber Security (Digital)
Up to 10%
Ability to Obtain Public Trust
:
The serves as a subject-matter expert in credential management systems with a primary focus on HSPD-12 Technologies, including Intercede MyID and PKI. This role provides advanced engineering, troubleshooting, and cloud-support services while collaborating with development, security, and infrastructure teams to design and maintain secure, scalable, automated solutions. The works independently or as part of a cross-functional team to support mission-critical environments.
• Provide engineering, operational, and lifecycle support for HSPD-12 and PIV credentialing environments in alignment with FICAM, NIST, FISMA, and agency policy requirements.
• Engineer, maintain, and enhance credential management platforms including Intercede MyID, HID credentialing technologies, supporting middleware, smart card components, and Windows Server/database infrastructure.
• Manage core PIV/PKI infrastructure including Hardware Security Modules (HSMs), Certificate Authorities (CAs), Registration Authorities (RAs), certificate profiles, key management systems, and OCSP/CRL services.
• Oversee secure configuration, patching, firmware updates, backups, monitoring, and lifecycle management for HSMs and PKI systems supporting certificate issuance and PIV key generation.
• Support cloud-hosted PIV/PKI services in AWS and Azure, including virtualized CAs, credentialing applications, and HSM-integrated workloads.
• Use Terraform, Ansible, and automation frameworks to provision, configure, and maintain secure, compliant cloud and hybrid environments hosting PIV and certificate services.
• Implement policy-as-code, configuration baselines, and automated deployments to ensure consistent enforcement of HSPD-12, NIST, and FICAM requirements.
• Automate deployment and maintenance of PIV credentialing applications, PKI services, middleware, and supporting components to ensure reliable and secure operations.
• Implement monitoring and alerting for critical PIV/PKI functions including certificate operations, HSM health, OCSP/CRL endpoints, issuance errors, and authentication performance.
• Troubleshoot complex issues across the credentialing ecosystem-including authentication devices, drivers, middleware, certificate chains, cryptographic services, and trust store configurations-across cloud and on-prem environments.
• Support full credential lifecycle operations including issuance, activation, suspension, revocation, renewal, auditing, and compliance documentation.
• Maintain operational baselines, perform root cause analysis of recurring PIV/PKI issues, and implement durable remediation to strengthen system reliability.
• Ensure high availability, redundancy, and disaster recovery readiness across PIV and PKI infrastructure through resilient engineering and operational best practices.
• Apply and enforce security best practices across cloud, on-prem, and credentialing systems to protect sensitive key material and maintain continuous compliance.
• Participate in audits, assessments, and accreditation activities to support continuous authorization for PIV and PKI systems.
• Minimum of FIVE (5) years of relevant IT or engineering experience, including at least 1-2 years of cloud support experience.
• Hands-on experience working with credential management systems including Intercede MyID, HID solutions, PKI infrastructures, and certificate lifecycle management platforms.
• Proven experience troubleshooting drivers, middleware, credentialing software, and authentication technologies.
• Experience supporting and engineering Windows environments, as well as performing DBA responsibilities for Intercede or similar systems.
• Bachelors degree from an accredited university.
• Ability to obtain and maintain a Federal or DoD Public Trust clearance; candidates must receive adjudication prior to onboarding.
• Candidates with an active Public Trust or Suitability determination are preferred.
• A Master's degree may substitute for four years of experience.
• A Master's degree may substitute for four years of experience.
Experience with DevSecOps and Cloud software deployments
The annual salary range for this position is $98,000.00-$163,000.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
- Medical, Rx, Dental & Vision Insurance
- Personal and Family Sick Time & Company Paid Holidays
- Parental Leave
- 401(k) Retirement Plan
- Group Term Life and Travel Assistance
- Voluntary Life and AD&D Insurance
- Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
- Transit and Parking Commuter Benefits
- Short-Term & Long-Term Disability
- Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
- Employee Referral Program
- Corporate Sponsored Events & Community Outreach
- Care.com annual membership
- Employee Assistance Program
- Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
- Position may be eligible for a discretionary variable incentive bonus
Guidehouse is an Equal Opportunity Employer-Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at RecruitingAccommodation@guidehouse.com . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or guidehouse@myworkday.com . Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse. Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process.
If any person or organization demands money related to a job opportunity with Guidehouse, please report the matter to Guidehouse's Ethics Hotline. If you want to check the validity of correspondence you have received, please contact recruiting@guidehouse.com . Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicant's dealings with unauthorized third parties.
Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.
group id: 91075284
In the rapidly expanding space of cryptocurrencies, the demand for skilled professionals in crypto investigator jobs are reaching new heights. Jumpstart your career in crypto with Guidehouse.