Today
Top Secret/SCI
Mid Level Career (5+ yrs experience)
$145,600 - $187,200
Occasional travel
IT - Security
Overview:
We are seeking a cleared Senior IAM Engineer with expertise in Keycloak, SSO, MFA, and federated identity management to support a government AWS program.
This position involves designing and deploying secure, scalable authentication and authorization systems integrating AWS, Active Directory, and third-party identity providers.
You will work closely with AWS architects, cloud security engineers, and federal stakeholders to modernize access management and implement Zero Trust principles across classified systems.
The role is primarily remote, with periodic travel to Salt Lake City, UT (all expenses paid).
Responsibilities:
Design, configure, and maintain a Keycloak-based IAM platform federated with AWS, Active Directory, and external IDPs.
Implement Single Sign-On (SSO) and Multi-Factor Authentication (MFA) across enterprise and partner systems.
Develop and enforce authentication protocols using SAML 2.0, OpenID Connect (OIDC), and OAuth2.
Integrate Certificate Authorities (CAs) and PKI infrastructure for cross-domain trust management.
Support one-way trust configurations and bring-your-own-identity (BYOI) solutions.
Conduct authorization boundary reviews in compliance with NIST 800-63 and government security controls.
Collaborate with AWS engineers and cybersecurity teams to implement Zero Trust and continuous authorization practices.
Required Qualifications:
Active TS/SCI clearance and U.S. citizenship
AWS Certified Solutions Architect – Associate (or higher)
5+ years of experience in Identity and Access Management (IAM)
Hands-on experience with Keycloak or equivalent IAM tools (Okta, ForgeRock, Ping Identity)
Deep understanding of SSO, MFA, SAML 2.0, OIDC, PKI, and trust configuration
Familiarity with Active Directory integration and federated identity models
Experience supporting federal or DoD environments
Preferred Skills:
AWS Security, Cognito, or IAM experience in GovCloud environments
Knowledge of Zero Trust architecture and NIST 800-63
Background in PKI management, certificate validation, and access boundary reviews
Why Join:
Fully remote with travel costs covered
Work on a mission-critical identity modernization program for a U.S. government customer
Long-term cleared role (through March 2026)
Collaborative, experienced AWS security team