Risk, Compliance, and Quality Assurance Specialist - Identity & Access Management Modernization

Job Description

Job DescriptionDescription:

Position Overview

We are seeking a Risk, Compliance, and Quality Assurance Specialist to support a large-scale Identity, Credential, and Access Management (ICAM) modernization initiative for a federal customer. This role is responsible for ensuring that modernized identity services and platforms comply with applicable security standards, regulatory requirements, and organizational policies while maintaining high-quality, consistent, and auditable delivery. The specialist will ensure that new capabilities are compliant, secure, and aligned with federal Zero Trust and identity governance objectives.

Requirements:

Key Responsibilities

Risk & Compliance

• Ensure modern ICAM solutions comply with federal standards and frameworks (e.g., NIST SP 800-63, FICAM, OMB M-22-09, Zero Trust Architecture guidance)
• Conduct risk assessments across modern identity platforms, authentication mechanisms, and access controls
• Identify, document, and track security and compliance risks within the modernized environment; maintain and support the program Risk Register
• Support ATO processes for modern systems, including control validation, documentation, and audit readiness
• Evaluate integrations with external identity providers (e.g., login.gov, ID.me, external Entra tenants) for compliance and security risks

Quality Assurance & Testing Oversight

• Establish and enforce QA standards for modern ICAM implementations, including identity lifecycle, federation, and PAM solutions
• Validate that testing processes (functional, security, integration) meet program and federal requirements
• Review releases and enhancements to ensure compliance with established quality benchmarks
• Collaborate with engineering teams to ensure consistent, reliable identity service delivery in the modernized architecture

Governance & Policy Alignment

• Develop and maintain compliance documentation, SOPs, and audit artifacts for the modern ICAM environment
• Ensure alignment with identity governance policies, including RBAC/ABAC/PBAC models and least privilege principles
• Support continuous monitoring efforts, including integration with SIEM tools (e.g., Splunk)
• Provide guidance on policy enforcement across cloud-native and modern identity services=

Stakeholder Engagement

• Work closely with program leadership, security teams, and system owners to ensure compliance and quality objectives are met
• Support audits, inspections, and reporting activities with federal stakeholders
• Provide recommendations to improve risk posture and operational maturity of the modernized ICAM solution

Required Qualifications

• 7+ years of experience in risk management, compliance, or quality assurance within cybersecurity or ICAM environments
• Experience supporting federal IT systems and compliance frameworks
• Demonstrated experience with ATO processes, risk assessments, and audit support
• Strong understanding of identity and access management concepts, including authentication, authorization, federation, and privileged access
• Experience working in cloud-based and modern identity environments

Required Certification (one of the following):

• Certified Information Privacy Professional/Government (CIPP/G)
• Certified Information Systems Auditor (CISA)
• Certified in Risk and Information Systems Control (CRISC)
• Certified Information Systems Security Professional (CISSP)
  

Preferred Qualifications

• Experience supporting ICAM modernization or Zero Trust initiatives
• Familiarity with FICAM architecture and federal identity mandates
• Experience with identity governance, lifecycle management, and access certification processes
• Knowledge of continuous diagnostics and monitoring (CDM) and SIEM integration
• Strong analytical, documentation, and communication skills