Job Requirements
Reston, VA
Secret Polygraph Unspecified
Career Level not specified
$131,300 - $237,350
Job Description
R-00183977
Description
Serves as the hands-on technical lead for ICAM engineering, integration, onboarding, and operational delivery across enterprise, cloud, coalition, and mission environments. This role leads the implementation, configuration, troubleshooting, sustainment, and modernization of Zero Trust identity and access management services including authentication, authorization, federation, identity governance, privileged access management, and enterprise application integration capabilities aligned to DoD, FICAM, NIST, and Intelligence Community standards and frameworks.
The Lead ICAM Engineer is responsible for driving technical execution across the full ICAM lifecycle, including platform integration, application onboarding, federation engineering, claims transformation, provisioning automation, deployment automation, operational transition, and production sustainment. The role requires hands-on engineering leadership supporting enterprise ICAM modernization efforts across cloud-hosted, hybrid, multi-domain, and mission partner environments.
Primary Responsibilities
Required Qualifications
Required Certification(s):
Desired Qualifications:
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.
Original Posting: May 22, 2026
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range: Pay Range $131,300.00 - $237,350.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
About Leidos
Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com .
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission .
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
Description
Serves as the hands-on technical lead for ICAM engineering, integration, onboarding, and operational delivery across enterprise, cloud, coalition, and mission environments. This role leads the implementation, configuration, troubleshooting, sustainment, and modernization of Zero Trust identity and access management services including authentication, authorization, federation, identity governance, privileged access management, and enterprise application integration capabilities aligned to DoD, FICAM, NIST, and Intelligence Community standards and frameworks.
The Lead ICAM Engineer is responsible for driving technical execution across the full ICAM lifecycle, including platform integration, application onboarding, federation engineering, claims transformation, provisioning automation, deployment automation, operational transition, and production sustainment. The role requires hands-on engineering leadership supporting enterprise ICAM modernization efforts across cloud-hosted, hybrid, multi-domain, and mission partner environments.
Primary Responsibilities
- Work with senior leadership, customers, application owners, security teams, mission partners, and operations personnel to plan and execute ICAM engineering and integration activities using Agile methodologies.
- Lead hands-on configuration, integration, troubleshooting, and sustainment of ICAM platforms including Okta, Ping Federate, SailPoint, Delinea, Radiant Logic, HashiCorp, Corsha, Keycloak, Microsoft Entra ID, and related identity and access management technologies.
- Implement and maintain authentication, authorization, federation, identity governance, privileged access management, and application onboarding capabilities supporting Zero Trust and FICAM-aligned enterprise architectures.
- Lead integration and onboarding of legacy, cloud-native, SaaS, mission, and coalition applications into enterprise ICAM services.
- Troubleshoot federation, authentication, claims mapping, token transformation, provisioning, entitlement, and access control issues across enterprise and mission environments.
- Develop and maintain implementation procedures, onboarding standards, deployment documentation, operational engineering practices, and sustainment processes supporting ICAM delivery.
- Configure and integrate SAML 2.0, OIDC, OAuth 2.0, SCIM, REST APIs, PKI, CAC/PIV, MFA, and passwordless authentication technologies.
- Support implementation of RBAC, ABAC, context-aware access control, device posture validation, and risk-based authentication capabilities.
- Implement and maintain DevSecOps pipelines, infrastructure-as-code, deployment automation, and configuration management processes supporting ICAM services.
- Support integration of ICAM services across cloud, enterprise, hybrid, and multi-domain mission environments including AWS, GovCloud, IL5/IL6, and classified systems where applicable.
- Provide hands-on engineering support during testing, deployment, operational transition, incident response, troubleshooting, and production sustainment activities.
- Develop and present integration artifacts, implementation plans, deployment procedures, technical briefings, and operational status updates to internal and external stakeholders.
- Guide engineering teams in implementing scalable, secure, and operationally sustainable ICAM capabilities aligned to mission objectives.
- Serve as the technical lead for ICAM engineering, federation integration, application onboarding, and operational delivery activities while mentoring junior engineers.
- Recognized as a trusted technical leader for enterprise ICAM modernization, Zero Trust implementation, and mission integration.
Required Qualifications
- Active DoD Secret Clearance or higher.
- Typically requires BS degree and 12+ years relevant experience. Additional experience may be considered in lieu of degree.
- Experience with IdAM / ICAM delivery systems, authentication, authorization, federated identity management, identity governance, entitlement management, privileged access management, attributes, and digital policy management.
- Hands-on experience integrating and troubleshooting enterprise identity providers, federation services, MFA platforms, provisioning systems, and application onboarding solutions.
- Experience configuring and supporting SAML 2.0, OIDC, OAuth 2.0, SCIM, REST APIs, CAC/PIV, PKI, MFA, token-based authentication, and claims transformation technologies.
- Experience with security accreditation processes and implementation of identity-related security controls supporting DoD environments.
- Experience architecting, implementing, and sustaining enterprise cloud-hosted ICAM services within AWS or comparable cloud environments using infrastructure-as-code and automation concepts.
- Understanding of Zero Trust architecture, federation, RBAC, ABAC, risk-based authentication, context-aware access, and cloud-native security principles.
- Experience supporting application onboarding and federation integration across enterprise, cloud, mission, and coalition environments.
- Experience interacting with cross-functional teams including Software Development, Systems Engineering, Security, Operations, Compliance, Verification and Validation, and Quality Assurance.
- Experience working in Agile, SAFe, or Scrum environments using DevSecOps and CI/CD technologies such as Git, Jenkins, Docker, Azure DevOps, Puppet, Terraform, and Confluence.
- Knowledge of software configuration management lifecycle deliverables, operational sustainment processes, and deployment management practices.
- Excellent oral and written communication skills.
Required Certification(s):
- One or more DoD 8140.01 Level III Certifications
- Active Computing Environment certification relevant to job duties such as AWS Cloud, Microsoft Cloud, Okta, Ping Identity, SailPoint, Microsoft Entra ID, or related ICAM platform certifications.
Desired Qualifications:
- Minimum of one AWS Associate-level certification such as AWS Certified Solutions Architect Associate, AWS Certified Developer Associate, or AWS Certified SysOps Administrator Associate.
- Experience supporting C2S, DoD cloud, GovCloud, IL5/IL6, or classified mission environments.
- Experience implementing CloudFormation, Terraform, serverless architectures, and cloud-native deployment patterns.
- Experience integrating legacy, COTS, SaaS, cloud-native, financial management, and mission applications into enterprise ICAM services.
- Experience supporting large-scale ICAM modernization, application migration, and federation onboarding initiatives.
- Experience with API security, secrets management, certificate lifecycle management, claims transformation, and token exchange capabilities.
- Familiarity with NIST 800-53, NIST 800-63, DoD Zero Trust guidance, and FICAM architectures.
- TS/SCI eligible.
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.
Original Posting: May 22, 2026
For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range: Pay Range $131,300.00 - $237,350.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
About Leidos
Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .
Securing Your Data
Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com .
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission .
Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.
group id: SCNCAPI2
Introducing the Next Level of Leidos
