FedRAMP Identity and Access Management (IAM) Engineer - Senior Level

SAPReston, VA
84d$120,800 - $253,800Hybrid
Match Resume

About The Position

At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. The position is for a Senior Identity and Access Management (IAM) Engineer to lead and support our secure, compliant, and scalable authentication, authorization, and account lifecycle processes. This role requires advanced knowledge of IAM technologies and standards, with a strong emphasis on FedRAMP, FISMA, and other federal compliance frameworks.

Requirements

  • Eligible for Tier 2 Public Trust security clearance (or higher) - U.S. Citizen or lawful permanent resident.
  • 7+ years of hands-on experience in IAM engineering, including at least 2+ years supporting FedRAMP, FISMA, or similar federal programs.
  • Expert-level knowledge of Identity governance and administration (IGA) principles and tools.
  • Expert-level knowledge of Active Directory (AD DS, ADFS, Azure AD), GPO, LDAP.
  • Expert-level knowledge of Linux authentication and PAM, SSH key management.
  • Expert-level knowledge of SSO/MFA protocols and technologies (SAML, OIDC, OAuth, FIDO2, Okta).
  • Expert-level knowledge of AWS IAM, SCPs, role assumption, and federation.
  • Strong understanding of NIST 800-53, FedRAMP Moderate/High controls, and least privilege / separation of duties concepts.
  • Experience preparing for and supporting compliance audits and assessments.
  • Proven scripting and automation experience (PowerShell, Bash, Python, etc.) for IAM-related tasks.
  • Excellent communication, documentation, and collaboration skills.

Responsibilities

  • Design, implement, and maintain IAM solutions that meet FedRAMP Moderate/High and other compliance requirements.
  • Design and manage secure account lifecycle processes (provisioning, modification, termination) across Windows/AD, Linux, cloud (AWS), and SaaS environments.
  • Operate and optimize Active Directory forests, domains, and trusts, including GPO, OU design, and privileged access management.
  • Administer Okta for identity federation, SSO, MFA, and directory integration, ensuring alignment with FedRAMP and NIST 800-53 controls.
  • Implement and maintain AWS IAM roles, policies, SCPs, and federation for secure cloud access.
  • Manage and secure Linux-based authentication and PAM solutions integrated with corporate directories.
  • Partner with security, compliance, and operations teams to support audits (PCI, SOC2, FedRAMP) and produce required evidence.
  • Develop and enforce IAM policies, standards, and procedures aligned with zero-trust principles and least privilege.
  • Troubleshoot and resolve identity-related incidents and requests in a timely and compliant manner.
  • Provide SME-level guidance to stakeholders on IAM technologies and security best practices.
  • Stay current with evolving federal regulations, IAM technologies, and industry trends.

Benefits

  • Flexible working models
  • Health and well-being programs
  • Learning and development opportunities
  • Recognition for individual contributions
  • Variety of benefit options

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Industry

Professional, Scientific, and Technical Services

Number of Employees

5,001-10,000 employees

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service