Job Title: System Engineer
Location: San Antonio, TX (On-site)
Clearance: This role requires a current Top Secret or Top Secret w/SCI level security clearance.
Certification: CompTIA Security+ (or must be willing to obtain within six months of hire)
Position Summary:
The Principal Enterprise Services & Identity Architect provides senior technical leadership in support of the Government Product Manager for Platform One Enterprise Services. This role is responsible for the architecture, integration, and operation of centrally managed shared services that underpin all Platform One products and mission environments.
Key Responsibilities:
Enterprise Identity & Access Management (IAM)
- Serve as the technical authority for enterprise identity and access management across Platform One.
- Lead the design, integration, and migration from Keycloak to the DAF ICAM (Okta-based) identity solution.
- Ensure identity services support federated access, role-based access control (RBAC), attribute-based access control (ABAC), and mission partner integration.
- Advise on identity architecture decisions impacting platform security, usability, and interoperability.
- Ensure identity implementations align with DoD, DAF, and zero trust identity requirements.
Zero Trust Architecture & Networking
- Architect and oversee cloud-based network transport connecting Platform One resources across environments.
- Apply zero trust principles to identity, networking, and access control decisions.
- Ensure secure service-to-service communication and enforcement of least-privilege access across platforms.
- Collaborate with security and network teams to continuously evolve the enterprise zero trust posture.
Shared Enterprise Services Ownership
- Provide technical oversight for centrally managed enterprise services, including:
  - Identity platforms (Keycloak, Okta / DAF ICAM)
  - Cloud and enclave network connectivity
  - Palo Alto firewall infrastructure
  - Elastic- and Grafana-based SIEM and observability services
  - Enterprise help desk and user support services
- Ensure shared services are reliable, scalable, secure, and aligned with mission needs.
Security Operations & Compliance
- Ensure enterprise services operate in accordance with approved Authority to Operate (ATO) conditions.
- Support audits, assessments, and cybersecurity reviews related to identity, networking, and shared services.
- Evaluate proposed changes for security impact, operational risk, and compliance alignment.
Government Advisory & Product Support
- Act as a senior technical advisor to the Enterprise Services Product Manager.
- Provide recommendations on capability roadmap decisions, architectural tradeoffs, and integration strategies.
- Translate enterprise requirements into actionable technical architectures and implementation plans.
Enterprise Integration & Coordination
- Coordinate with Big Bang, Party Bus, and other Platform One product teams to ensure seamless integration with enterprise services.
- Partner with security, networking, and operations stakeholders across the DoD ecosystem.
- Communicate complex identity and security concepts clearly to both technical and non-technical audiences.