Posted today
Top Secret/SCI
Unspecified
CI Polygraph
IT - Security
Riverdale, MD (On-Site/Office) • Tampa, FL (On-Site/Office) • Alexandria, VA (On-Site/Office) • Colorado Springs, CO (On-Site/Office)
IAM Engineer
Program Description:
Identity is the control plane of modern cybersecurity. In this role, you’ll work as a security engineer with deep IAM expertise, designing and implementing identity solutions that protect mission-critical systems in complex, high-assurance environments.
This is not a tool-specific administrator role. While PingFederate is currently the primary identity provider, success in this role depends on strong IAM fundamentals, protocol-level understanding, and prior experience delivering identity solutions from design through implementation.
You’ll be responsible for shaping identity architecture, making protocol and trust decisions, and building hands-on integrations that enforce least privilege, support Zero Trust principles, and scale across enterprise environments.
Day to Day Responsibilities:
Design and implement enterprise IAM architectures, from requirements gathering through deployment
Serve as a technical authority on authentication, authorization, federation, and identity lifecycle
Make and document architecture decisions around SAML, OAuth 2.0, and OpenID Connect
Implement and support identity provider integrations, including custom federation and token logic
Troubleshoot complex IAM issues at the protocol and assertion level, not just configuration
Model identity lifecycles, roles, attributes, and access policies across applications
Integrate IdPs with Active Directory / LDAP and downstream systems
Support Zero Trust initiatives, including MFA and passwordless authentication
Work closely with application teams, security stakeholders, and system engineers to ensure identity solutions align with mission needs
Contribute to standards, patterns, and reusable IAM designs for future implementations
Required Skills:
Strong background as a security / systems engineer with deep hands-on IAM experience
Proven experience participating in IAM implementations from a design/architecture perspective
Experience with enterprise identity providers (PingFederate, Okta, Entra ID, or similar)
Deep understanding of SAML 2.0, OAuth 2.0, and OpenID Connect, including real-world tradeoffs
Experience building or troubleshooting custom federation and protocol integrations
Hands-on experience with REST APIs and identity automation
Experience integrating with Active Directory and/or LDAP
Ability to diagnose and resolve complex federation issues (claims mapping, token validation, trust failures)
Experience scripting or developing in Java, JavaScript, Python, PowerShell, or similar