ICAM Authentication & Federation Engineer - Edge Services

GDIT has an opportunity for an ICAM Engineer supporting a large line of business that delivers enterprise-scale Identity, Credential, and Access Management (ICAM) capabilities. This role supports the DoW ICAM mission by designing, developing, integrating, and maintaining Authentication and Federation services that enable secure access across enterprise, mission partner, coalition, tactical, and edge computing environments.The ideal candidate is a senior hands-on identity engineer with expertise in PingFederate, enterprise Identity Providers (IdPs), federation services, and modern authentication technologies. This role focuses on authentication, federation, trust management, single sign-on (SSO), multi-factor authentication (MFA), and extending enterprise identity services to support distributed and disconnected operational environments.This position is a Hybrid role with an estimated 25% of time expected on-site at our Fort Meade, MD facility.HOW YOU WILL MAKE AN IMPACT:

• Design, develop, configure, and maintain enterprise authentication and federation services supporting both enterprise and edge ICAM architectures.
• Support PingFederate and related identity platforms used to provide authentication, federation, single sign-on (SSO), and trust management services.
• Engineer federation solutions that extend secure identity services to mission partners, coalition organizations, tactical users, and edge computing environments.
• Configure and maintain trust relationships with internal and external Identity Providers (IdPs), Service Providers (SPs), and federation partners.
• Develop and maintain integrations utilizing SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), WS-Federation, and PKI-based authentication technologies.
• Support onboarding and integration of applications, mission partners, and external organizations into enterprise federation ecosystems.
• Design and implement authentication flows, token services, claims transformation, attribute mapping, and policy enforcement mechanisms.
• Support MFA, phishing-resistant authentication, certificate-based authentication, and emerging identity assurance capabilities.
• Collaborate with cybersecurity, cloud, infrastructure, and application teams to implement secure authentication and federation solutions.
• Support implementation of Zero Trust Architecture through modern authentication, federation, and identity assurance services.
• Troubleshoot and resolve complex issues involving authentication, federation, trust relationships, certificates, tokens, and identity assertions.
• Support deployment and sustainment of identity services operating in disconnected, intermittent, low-bandwidth (DDIL), and edge environments.
• Develop technical documentation including architecture diagrams, integration guides, SOPs, TTPs, and onboarding documentation.
• Participate in Agile development activities and support continuous improvement initiatives.
• Actively manage technical risks and contribute to mission readiness objectives.

WHAT YOU’LL NEED TO SUCCEED (Required):Education: Bachelor’s Degree.  An additional 4 years of experience mat be substituted in lieu of degree.Clearance: Minimum of an active Secret security clearance.Certification: 8570/8140 IAT Level II certification (Security+ CE or higher).Experience: 10+ years’ experience supporting Identity and Access Management (IAM), Authentication, Federation, or ICAM solutions within government or regulated environments.Technical Skills:

• Strong experience with PingFederate or equivalent federation technologies.
• Experience implementing and supporting enterprise Identity Provider (IdP) and federation services.
• Strong understanding of authentication, authorization, federation, and identity assurance concepts.
• Experience implementing and troubleshooting SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), WS-Federation, and JWT technologies.
• Experience supporting PKI, certificate-based authentication, smart card authentication, and MFA solutions.
• Experience integrating applications, APIs, and enterprise services with federation platforms.
• Experience with Active Directory, LDAP directories, and enterprise identity repositories.
• Experience configuring claims, attribute mappings, policy enforcement, token transformations, and federation workflows.
• Experience supporting Linux and/or Windows Server environments.
• Experience deploying and supporting enterprise COTS products in secure customer environments.
• Experience working in Agile development environments and utilizing associated tools.

Desired Skills (Preferred):

• Experience with PingFederate clustering, high availability, and large-scale federation deployments.
• Experience with PingAccess, PingDirectory, PingOne, Okta, Entra ID, ADFS, Keycloak, or similar authentication platforms.
• Experience supporting DoW Enterprise ICAM, Federation Hub, or mission partner federation initiatives.
• Experience implementing federation solutions for coalition, partner, or cross-organizational environments.
• Experience supporting NIST 800-63 Identity Assurance Levels (IAL), Authenticator Assurance Levels (AAL), and Federation Assurance Levels (FAL).
• Experience with phishing-resistant authentication technologies and passwordless authentication solutions.
• Experience supporting disconnected, intermittent, low-bandwidth (DDIL) operational environments.
• Experience implementing federation solutions supporting tactical, expeditionary, or edge-computing use cases.
• Experience supporting Zero Trust Architecture and identity-centric security initiatives.
• Experience with container technologies such as Docker and Kubernetes.
• Familiarity with DoW PKI, CAC authentication, derived credentials, and certificate lifecycle management.
• Experience supporting FVEY, NATO, coalition, or mission partner federation architectures.

GDIT IS YOUR PLACE:
At GDIT, the mission is our purpose, and our people are at the center of everything we do.

• Growth: AI-powered career tool that identifies career steps and learning opportunities
• Support: An internal mobility team focused on helping you achieve your career goals
• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off.
• Community: Award-winning culture of innovation and a military-friendly workplace.

OWN YOUR OPPORTUNITY:

• Explore a career in program management at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your passion for the mission and delivering results.