Senior Identity Engineering Services; R&D Specialist

Location: DHA locations in and around San Antonio, TX

Clearance Required: Public Trust (ADP/IT-II);
Tier 3 Investigation (NACLC)

The IdM R&D Engineer is a senior-level technical professional responsible for the design, development, and support of identity and access management solutions across the DHA enterprise. This role includes engineering support for Active Directory, Public Key Infrastructure (PKI), Privileged Access Management (PAM), Cryptographic Key Management, and other security-focused identity services. The engineer ensures systems comply with DoD directives, DISA STIGs, and DHA architectural standards.

• Design, document, and implement standardized, compliant, and forward-looking solutions for identity, access, and credential management, including PKI, PAM, and cryptographic key management.
• Engineer and maintain directory services architectures including Active Directory Domain Services (ADDS), Active Directory Lightweight Directory Services (ADLDS), and Secure DNS integrated with the latest DHA server baselines and DISA STIGs.
• Update and sustain the mJAD Architecture & Design Document and related engineering packages.
• Engineer and support the DHA PKI infrastructure in alignment with DoDI 8520.02, including CA migration, Middleware (e.g., Activ Identity), and Validator Suites (e.g., Axway).
• Maintain PKI Certificate Validation Suites and support certificate issuance across LAN/WLAN and Med-COI systems.
• Engineer identity management solutions to manage users, groups, and assets across hybrid on-prem and cloud environments, enforcing policy-based access to systems, SaaS, and resource partners.
• Develop identity and authentication architectures compliant with DoD Enterprise ICAM Reference Design and DoDI 8520.03.
• Deliver identity automation, alerting, reporting, and enforcement policies to meet MHS operational and security requirements.
• Engineer PKE solutions enabling X.509 certificate usage across MHS applications, ensuring integration with PKI for authentication, confidentiality, data integrity, and non-repudiation.
• Provide engineering support for certificate-enabled applications such as Activ Client and Axway Desktop Validator.
• Research, design, and test system-level and embedded software solutions, including network distribution platforms and compilers.
• Apply computer science, engineering, and mathematical analysis to develop scalable, secure software architectures for MHS systems.

• Microsoft Active Directory, ADLDS, DNS
• DoD PKI / Internal Medium Assurance (IMA)
• Activ Identity Activ Client, Axway Validator Suites
• DoD ICAM Reference Architecture
• Power Shell, LDAP, X.509 certificate utilities
• Remedy Ticketing System
• Microsoft Server Operating Systems
• DoD STIGs, DoDI 8520.02 / 03

1) Microsoft Certified: Cyber Security Architect Expert or Azure Solutions Architect Expert

2) Any of the following...

• Academic
  
  Education:
  
  Bachelor’s degree in information technology, Cybersecurity, or a related discipline.
• OR Baseline: GCLD or CCE or CASP+ or CEH or GLSC or CISSP