IDaaS Engineer - U.S. Citizenship Required

CGI•Fairfax, VA

10d•Hybrid

About The Position

CGI is one of the largest global IT companies, with a presence in more than 40 countries and endless opportunities to grow and expand your career. As a CGI Federal member, you will have the opportunity to become a shareholder and join a family of 90,000 professionals worldwide. CGI Federal has an exciting opportunity for an IAM Engineer to join our CDM Shared Services Program. In this role, you will be part of a cybersecurity team working to improve the security posture of a wide range of agencies by identifying and mitigating cyber risks. The Junior IAM Engineer will support Identity as a Service (IDaaS) and Identity and Access Management (IDAM) services. This consultant–engineering role is responsible for performing system implementation, integration, and support activities. The IAM Engineer serves as the face of client delivery and plays a critical role in delivering services and managing day‑to‑day client expectations. This position is located in one of CGI Federal's offices in Fairfax, VA or Lafayette, LA; however, a hybrid working model is acceptable. You will be required to work in a CGI Federal office two days per week.

Requirements

Due to contract requirements, U.S. citizenship and successful completion of a CGI background check are required prior to beginning work. Candidates must also be able to obtain and maintain a DHS EOD/Public Trust clearance.
Bachelor’s degree in engineering or a related discipline and 1–3 years of relevant work experience.
1–3 years of IT solution development, configuration, testing, and implementation experience with IAM products.
1–3 years of experience with Okta or Entra ID, including Access Certification, Automated Provisioning, and Governance.
Knowledge of Lightweight Directory Access Protocol (LDAP) and directory structures.
Training or experience in process definition, workflow design, and process mapping.
Demonstrated ability to contribute to the development of client deliverables, including technical documentation.
Excellent verbal and written communication skills.
Ability and initiative to set goals and execute effectively.
Ability to work within a team environment and maintain a strong work ethic.

Nice To Haves

1–3 years of consulting experience.
Familiarity with PowerShell script development for task automation.
Thorough understanding of Identity and Access Management (IAM), Privileged Access Management (PAM), user lifecycle management, and Identity Governance and Administration.
Deep knowledge of SaaS platforms and cloud foundations, including scalability, multi‑tenancy, security models, and integration patterns.
Understanding of modern authentication protocols such as SAML 2.0 and OIDC/OAuth.
Experience working within a SAFe Agile framework.
Experience with CISA’s Continuous Diagnostics and Mitigation (CDM) program.

Responsibilities

Design, develop, test, implement, and document workflows, integrations, and custom software to meet client requirements.
Implement Role-Based Access Control (RBAC) frameworks and least‑privileged access models based on top‑down and bottom‑up methodologies.
Perform hands-on administration, implementation, and configuration of security tools to enhance the risk posture of customer networks. Tools include Okta, MS Entra, and MFA phishing‑resistant tokens such as YubiKey.
Support IAM program requirements at federal agency client sites throughout the DC metro area, working closely with customer delivery managers to prioritize daily tasks.
Collaborate with cross‑functional teams, including network engineers, security analysts, and developers, to integrate security solutions into the broader IT infrastructure. Perform work within a SAFe Agile framework.
Develop and maintain documentation, including deployment guides, configuration and installation guides, and architecture diagrams.
Demonstrate self‑sufficiency, a growth mindset, and the ability to quickly learn new concepts while maintaining curiosity about emerging technologies.