**Description** Leidos is looking for a **ICAM Systems Administrator** to support a large U.S. Department of Justice (DOJ) program. The Antitrust Division of the U.S. Department of Justice (DOJ) is responsible for enforcing federal antitrust laws and promoting fair competition in the marketplace. The ICAM Systems Administrator will be responsible for the management, configuration, and support of enterprise-level Active Directory, Azure AD, and Okta environments. This role requires deep technical expertise in identity and access management (IAM) and the ability to ensure secure, scalable, and compliant user access solutions across the organization. The ICAM Systems Administrator will work closely with other IT teams to ensure identity systems are properly integrated, highly available, and secure. This work is located onsite in the DC area. **Key Responsibilities:** + Administer and manage on-premises Active Directory environment, ensuring it is secure, highly available, and properly configured. + Oversee Group Policy Objects (GPOs), Trusts, DNS, AD Sites and Services, and other AD components. + Perform user provisioning and de-provisioning, ensuring the application of best practices for Active Directory security (e.g., least privilege, proper account permissions, password policies). + Implement and manage Active Directory Federation Services (ADFS) for authentication and federation with cloud and external resources. + Manage Azure Active Directory (Azure AD) for cloud-based identity management, including the integration of on-premises AD with Azure AD using Azure AD Connect. + Administer Azure AD conditional access policies, ensuring secure and compliant access to cloud applications and resources. + Implement and configure Azure AD B2C (Business-to-Consumer) for user authentication in external-facing applications. + Manage Azure AD Connect, including troubleshooting, synchronization, and ensuring proper user identity lifecycle management. + Oversee the administration and integration of Okta for identity management, single sign-on (SSO), and multi-factor authentication (MFA) solutions. + Ensure the seamless integration of Okta with internal and third-party applications (e.g., Office 365, Salesforce, Google Workspace). + Manage and configure Okta Universal Directory, Lifecycle Management, and API Access Management. + Monitor the health and performance of AD, Azure AD, and Okta environments, proactively addressing any issues or potential vulnerabilities. + Develop and maintain PowerShell scripts for automating common tasks related to Active Directory, Azure AD, and Okta. + Create and maintain comprehensive documentation for all identity management systems and processes. **Qualifications:** + Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field with 8+ years of relevant experience. Equivalent work experience may also be considered. + 5+ years of hands-on experience in Identity and Access Management (IAM) with a strong focus on Active Directory, Azure AD, and Okta administration. + Proficient in Active Directory (AD) administration, including Group Policy, Active Directory Federation Services (ADFS), and AD sites/replication. + Strong experience managing and administering Azure Active Directory (Azure AD), including Azure AD Connect, Conditional Access, and Azure AD B2C. + Expertise in Okta configuration, including SSO, MFA, Lifecycle Management, and API Access Management. + Proficient in using PowerShell for automation and management of AD and Azure AD environments. + Knowledge of IAM-related protocols like SAML, OAuth, OpenID Connect, and LDAP. + Familiarity with security best practices in identity management, including multi-factor authentication (MFA) and role-based access control (RBAC). + Ability to analyze and resolve complex IAM issues, including authentication, access, and security problems. + Strong verbal and written communication skills, capable of explaining complex technical issues to both technical and non-technical stakeholders. + Ability to work cross-functionally with other teams, such as security, network, and applications teams, to address identity management challenges. **Desirable Skills:** + Certifications: Microsoft Certified: Azure Solutions Architect, Okta Certified Administrator, or other relevant IAM/security certifications. + Experience with Identity Governance tools like SailPoint or Saviynt. + Familiarity with cloud platforms (e.g., AWS, Google Cloud) and their IAM services. + Exposure to DevOps practices and how IAM can be integrated into CI/CD pipelines. **Original Posting:** April 16, 2025 For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. **Pay Range:** Pay Range $89,700.00 - $162,150.00 The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. REQNUMBER: R-00157497 All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant Laws. Leidos is an equal opportunity employer/disability/vet.