The Identity Access Management Spec Mid supports the SEC ISS contract by implementing and administering enterprise IAM services that secure authentication and authorization across SEC systems. This role manages Microsoft Entra ID capabilities across the full identity lifecycle, including provisioning, role-based access, and policy enforcement to maintain least-privilege access. The position supports integration with Microsoft 365 GCC and Azure services through MFA, conditional access, and identity governance controls. The specialist also supports Zero Trust and FISMA-aligned operations by maintaining audit-ready documentation, enforcing IAM standards, and resolving identity-related issues in coordination with SEC operations teams.

Primary Responsibilities

IAM Implementation and Administration

- Support implementation and day-to-day administration of IAM solutions across enterprise platforms.

- Manage joiner/mover/leaver identity lifecycle activities, including provisioning, deprovisioning, entitlement updates, and directory hygiene.

- Configure and maintain role-based access control (RBAC) aligned to approved access policies.

- Troubleshoot authentication, authorization, and account access issues; perform root-cause analysis and corrective actions.

Access Security and Policy Enforcement

- Configure and manage MFA, conditional access, and secure authentication controls in Microsoft Entra environments.

- Assist with enforcement of IAM policies, least-privilege principles, and segregation of duties across user and workload identities.

- Administer Entra Identity Governance functions such as access reviews, entitlement management, and identity governance workflows.

- Support privileged access governance activities and policy updates based on risk, operational changes, and compliance requirements.

Microsoft Cloud Identity Integration

- Support identity integration across Microsoft 365 GCC and Microsoft Azure services to ensure consistent secure access.

- Coordinate identity dependencies with cloud, endpoint, and enterprise operations teams for service onboarding and changes.

- Validate identity control implementation for new or modified services, including group-based access, policy targeting, and exception handling.

- Contribute to automation of repeatable IAM tasks to improve consistency, scalability, and operational efficiency.

Compliance, Audit, and Operational Readiness

- Maintain SOP-aligned IAM procedures and documentation to support continuing authorization and annual FISMA review activities.

- Provide artifacts and evidence for audit readiness, control validation, and remediation tracking.

- Support Zero Trust control enforcement objectives, including implementation of strong authentication and access controls.

- Record and track IAM service activities, incidents, and requests in approved ticketing/work management systems.

Required Qualifications

Citizenship/Work Authorization: Must meet contract requirements.

Clearance: Ability to obtain and maintain SEC Public Trust (or higher if required).

Education: Bachelor's degree in a relevant field (e.g., Information Technology, Computer Science, Engineering).

Experience:

At least 4 years of experience in identity and access management (IAM), identity security, or IT security operations.

Strong hands-on experience with Microsoft Entra ID (formerly Azure AD), including user lifecycle management and RBAC administration.

Experience implementing MFA, conditional access, user provisioning/deprovisioning, Entra Identity Governance, and identity lifecycle controls.

Understanding of compliance requirements and integration with Microsoft 365 services, including support for audit and control documentation in regulated environments.

Technical Skills:

- Microsoft Entra ID (Azure AD) administration

- Microsoft ICAM concepts and implementation familiarity

- Multi-Factor Authentication (MFA)

- Conditional Access policy configuration and management

- Role-Based Access Control (RBAC)

- Entra Identity Governance (access reviews, entitlement management)

- Identity lifecycle management (joiner/mover/leaver)

- Microsoft 365 GCC identity integration

- IAM workflow automation support

Preferred Qualifications

- Experience supporting IAM services on federal government IT programs.

- Hands-on experience with Entra ID Protection, Entra Workload ID, Entra Domain Services, and Entra Verified ID.

- Experience with Privileged Identity Management (PIM) and advanced least-privilege design patterns.

- Experience automating IAM workflows using PowerShell, Microsoft Graph, or similar scripting/API approaches.

- Familiarity with ServiceNow-based operations, SLA-driven support, and audit remediation execution.

- Microsoft Certified: Identity and Access Administrator Associate (SC-300)

- Microsoft Certified: Azure Security Engineer Associate (AZ-500)

- CompTIA Security+

WORK ENVIRONMENT / OTHER

Operational Support: May require participation in on-call or surge support activities depending on operational needs.

Location: Remote/Telework.

Travel: As required per contract direction.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

May 13, 2026

Pay Range:

Pay Range $69,550.00 - $125,725.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.