IAM Engineer

About The Position

Requirements

• 5+ years of experience with the Okta Identity Engine platform, or identity platforms such as Entra, including API integration using REST or SCIM
• Experience in security protocols, including SAML, OIDC, and OAuth, and their implementation and functionality
• Experience with certificate management tools such as Venafi, Ent rus t, Micro sof t Certificate Authority ( MS CA ) , and AWS Certificate Authority ( AWS CA )
• Experience in designing, engineering, and operating Cryptographic Infrastructures, including Enterprise Key Management Systems ( EKMS ) , Public Key Infrastructure ( PKI ) , Validation Authorities ( VA ) , and Hardware Security Modules ( HSM ) for data security at rest, in tran sit , and in use
• Experience with Windows and Linux operating systems, as well as AWS cloud environments, particularly in cryptographic implementations and security operations
• E xperience with Public Key Infrastructure ( PKI ) , including its technologies, standards, and implementations, and in managing and configuring a PKI certificate authority
• Knowledge of web servers, middleware infrastructure components, and messaging technologies for enterprise-scale environments
• Ability to set up and manage Single Sign-On ( SSO ) , Multi-Factor Authentication ( MFA ) , and troubleshoot authentication issues
• Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements
• HS diploma or GED
• Due to the nature of work performed within this facility, U.S. citizenship is required.

Nice To Haves

• Experience mentoring junior team members and participating in cross-functional project team
• Experience with access management systems and LDAP components
• Experience with authentication protocols, including SAML, OAuth, or OpenID Connect, role-based access control ( RBAC ) , multi-factor authentication ( MFA ) , and identity federation across hybrid environments
• Experience developing engineering documentation, network baselines, and standardized deployment processes in alignment with Risk Management Framework ( RMF ) , NIST 800-53, and organizational compliance requirements

Responsibilities

• Support large-scale IAM projects for our clients
• Interface with stakeholders and engineering teams to delve into the details and dependencies of critical processes and users’ roles within them
• Analyze the identity lifecycle, articulating access requirements and defining enterprise identity records
• Design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing our clients’ most valuable assets
• Implement enterprise-class solutions and stop adversaries in their tracks

Benefits

• Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care.
• Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values.
• Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs.
• Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits.