Cyber Engineer - Identity Management Lead

Job Family:
IT Cyber Security

Travel Required:
None

Clearance Required:
Active Secret

What You Will Do:

Our Cybersecurity Consultants are a team of business integrators with extensive consulting and industry experience who help our clients solve their complex business issues from strategy through execution. A career in an integrated team of developers and consultants provides the opportunity to grow and contribute to our clients' business issues every day, applying a collection of security spectrum capabilities, including security strategy and governance, IT risk, security technologies, and cybercrime and breach response.

We are seeking an experienced Cyber Engineer - Identity Management Lead to lead the design, assessment, and implementation of projects to advance the identity pillar for the Zero Trust Architecture. This role is ideal for a strategic thinker and hands-on technologist who thrives in dynamic environments and is passionate about advancing cybersecurity maturity across complex organizations. Must bring deep expertise in ICAM /IAM principles, with hands-on experience on industry-leading security platforms, and a strong understanding of emerging trends and government-driven maturity frameworks (CISA Zero Trust Maturity Model(s) and DoD Zero Trust Strategy).

This role will be responsible for guiding enterprise identity transformation initiatives, conducting detailed maturity assessments, and providing architectural leadership to ensure secure, scalable, and resilient solutions for our federal government clients.

Key Responsibility Areas include, but are not limited to:

ICAM Architecture & Strategy

• Design, document, and maintain enterprise ICAM architectures, strategies and policies.
• Define strategic roadmaps and reference architecture aligned with organizational objectives and mission requirements.
• Partner with cross-functional teams to embed Zero Trust principles into technology modernization efforts, cloud transitions, and cybersecurity initiatives.
• Partner with cybersecurity, network engineering, cloud, DevSecOps, and governance teams to ensure cohesive implementation and maturity.
• Perform organizational assessments using the CISA Zero Trust Maturity Model.
• Produce gap analyses and prioritized remediation plans aligned with maturity expectations.

Technology Expertise & Implementation

• Evaluate and architect solutions leveraging leading Zero Trust technologies, particularly:
  • CrowdStrike (endpoint detection and response, identity protection).
  • Zscaler (Zero Trust access, secure web gateway, private access).
  • Okta (identity and access management, MFA, lifecycle management).
• Automate Zero Trust processes to improve scalability, efficiency, and compliance while adhering to established security policies.
• Support solution engineering, configuration guidance, integration patterns, and proof-of-concept deployments across hybrid and multi-cloud environments.

Industry Research & Thought Leadership

• Continuously monitoring emerging Zero Trust trends, frameworks, technologies, and threat intelligence.
• Advise senior leadership on advancements and evolving best practices in Zero Trust architecture and secure-by-design methodologies.
• Develop documentation, whitepapers, or briefings to support executive decision-making.

What You Will Need:

• Minimum of EIGHT (8) years of experience in IT or managing large-scale deployments and cross-functional technical teams with five (5) years of US Federal government consulting experience.
• An ACTIVE and MAINTAINED "SECRET" Federal or DoD security clearance .
• Experience working in federal civilian, defense contractor, or highly regulated environments.
• Experience leading teams for ICAM / IAM operations, including ICAM/IAM system requirements, design, implementation, integration, testing, or change management.
• Hands-on experience with Zero Trust technology platforms (e.g., Okta, EntraID, SailPoint, Radiant Logic).
• Deep understanding of identity-centric security, segmentation, continuous monitoring, and least privileged access.
• Demonstrated ability to lead enterprise-scale architecture efforts and communicate effectively with both technical and executive stakeholders.
• Excellent verbal and written communication skills, with the ability to articulate technical issues and project goals to both technical and non-technical audiences.
• Strong people skills managing a diverse set of stakeholders and direct client management experience.
• Strong analytical and problem-solving skills.

What Would Be Nice To Have:

• Project Management Professional (PMP) certification or Certified ScrumMaster (CSM) certification.
• Certifications such as CISSP, CCSP, CISM, Okta Certified Professional, Zscaler ZCCA-IA / ZCCP-IA, or CrowdStrike certifications.
• Knowledge of NIST 800-53, 800-207, RMF, FedRAMP, and related frameworks.
• Experience with SIEM, SOAR, SASE, and identity threat detection and response technologies.
• Strong practical experience applying and assessing organizations against DoD and CISA Zero Trust Maturity Models.

The annual salary range for this position is $113,000.00-$188,000.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.

What We Offer:

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

• Medical, Rx, Dental & Vision Insurance
  
• Personal and Family Sick Time & Company Paid Holidays
  
• Parental Leave
  
• 401(k) Retirement Plan
  
• Group Term Life and Travel Assistance
  
• Voluntary Life and AD&D Insurance
  
• Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
  
• Transit and Parking Commuter Benefits
  
• Short-Term & Long-Term Disability
  
• Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
  
• Employee Referral Program
  
• Corporate Sponsored Events & Community Outreach
  
• Care.com annual membership
  
• Employee Assistance Program
  
• Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
  
• Position may be eligible for a discretionary variable incentive bonus
  

About Guidehouse

Guidehouse is an Equal Opportunity Employer-Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at View phone number on click.appcast.io or via email at View email address on click.appcast.io. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or View email address on click.appcast.io. Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse. Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process.

If any person or organization demands money related to a job opportunity with Guidehouse, please report the matter to Guidehouse's Ethics Hotline. If you want to check the validity of correspondence you have received, please contact View email address on click.appcast.io. Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicant's dealings with unauthorized third parties.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.