Job Requirements
Remote
Top Secret/SCI Polygraph Unspecified
Career Level not specified
$105,100 - $231,100
Job Description
Job Title: ClouId Identity & Access Management - SOCEUR
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Local
* * *
As a CACI Cloud Identity & Access Management (IAM) Engineer to architect, build, and maintain the highly available authorization infrastructure for the Special Operations Command Europe (SOCEUR) Hybrid Threat Action Platform (HTAP) ecosystem on Google Cloud Platform (GCP). This role sits inside the HTAP program team and is responsible for designing the core identity federation, access policies, and security boundaries that protect mission-critical data. The individual will architect distributed authorization systems, broker identities between unclassified and classified environments, and implement a zero-trust security model. The individual will interact regularly with cybersecurity architects, application developers, and platform engineers to ensure secure, auditable, and least-privilege access across all systems.
-
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation.
CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy.
:
There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
Since this position can be worked in more than one location, the range shown is the national average for the position.
The proposed salary range for this position is:
$105,100-$231,100
CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI
Employee Type: Regular
Percentage of Travel Required: Up to 10%
Type of Travel: Local
* * *
As a CACI Cloud Identity & Access Management (IAM) Engineer to architect, build, and maintain the highly available authorization infrastructure for the Special Operations Command Europe (SOCEUR) Hybrid Threat Action Platform (HTAP) ecosystem on Google Cloud Platform (GCP). This role sits inside the HTAP program team and is responsible for designing the core identity federation, access policies, and security boundaries that protect mission-critical data. The individual will architect distributed authorization systems, broker identities between unclassified and classified environments, and implement a zero-trust security model. The individual will interact regularly with cybersecurity architects, application developers, and platform engineers to ensure secure, auditable, and least-privilege access across all systems.
- Architect and scale large-scale, distributed cloud-native authorization services on GCP to support massive query loads and enforce granular access control.
- Lead the design and implementation of identity federation between on-premises/external identity providers and Google Cloud Identity, using protocols like SAML and OIDC.
- Integrate and manage identity platforms such as Keycloak with Google Workspace to implement strict Role-Based Access Control (RBAC) and Multi-Factor Authentication (MFA), including CAC/PIV integration.
- Design, manage, and audit IAM policies, roles, and bindings as code using Terraform to ensure an automated, repeatable, and secure identity lifecycle.
- Engineer and enforce access control strategies for multi-level security environments, managing identity and access across different security domains (e.g., Unclassified to Secret).
- Develop and implement context-aware access policies and zero-trust principles to protect sensitive data and APIs.
- Conduct regular security assessments and audits of IAM policies, access permissions, and service account usage to identify and remediate risks.
- Collaborate with the security operations team to provide IAM-specific context during incident response and threat analysis.
- Must be a US Citizen possessing an active TS/SCI security clearance.
- Bachelor's degree in Computer Science, Cybersecurity, or a related field (or equivalent practical experience).
- 5+ years of experience in backend software engineering or security engineering, with at least 3+ years specifically focused on designing and implementing Identity and Access Management (IAM) systems on a major cloud platform (GCP preferred).
- Deep expertise in identity federation protocols (SAML, OAuth, OIDC) and experience integrating with identity providers (e.g., Keycloak, Azure AD, Okta).
- Hands-on experience with Google Cloud IAM, Google Cloud Identity, and Google Workspace, including service accounts, workload identity, and organization policies.
- Experience with Infrastructure as Code (IaC), specifically using Terraform to manage IAM resources.
- Strong proficiency in a language like Python, Go, or C++ for building scalable backend systems.
- Experience with Public Key Infrastructure (PKI) and integrating smart card authentication (CAC/PIV).
- Google Cloud Professional Cloud Security Engineer certification.
- One of the following advanced security or identity certifications: CISSP, CCSP, or Certified Identity and Access Manager (CIAM).
- Google Workspace Professional Collaboration Engineer certification.
- • Experience using AI-assisted tools for secure software development and debugging.
- • Experience working in a high-availability, low-latency distributed services environment.
-
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation.
CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy.
:
There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
Since this position can be worked in more than one location, the range shown is the national average for the position.
The proposed salary range for this position is:
$105,100-$231,100
CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
group id: caci
CACI Careers – Your potential is limitless. So is ours.