ICAM Authentication & Federation Engineer - Edge Services in Fort Meade, Maryland at General Dynamics Information Technology

USA MD Fort Meade - Fort Meade (MDC025)
Full time
RQ221417
Type of Requisition:
Regular

Clearance Level Must Currently Possess:
Secret

Clearance Level Must Be Able to Obtain:
Secret

Public Trust/Other Required:
None

Job Family:
Software Engineering

Job Qualifications:

Skills:
Authentication, Ping Identity, Secure Authentication, Single Sign-On (SSO)
Certifications:
None
Experience:
10 + years of related experience
US Citizenship Required:
Yes

Job Description:

GDIT has an opportunity for an ICAM Engineer supporting a large line of business that delivers enterprise-scale Identity, Credential, and Access Management (ICAM) capabilities. This role supports the DoW ICAM mission by designing, developing, integrating, and maintaining Authentication and Federation services that enable secure access across enterprise, mission partner, coalition, tactical, and edge computing environments.

The ideal candidate is a senior hands-on identity engineer with expertise in PingFederate, enterprise Identity Providers (IdPs), federation services, and modern authentication technologies. This role focuses on authentication, federation, trust management, single sign-on (SSO), multi-factor authentication (MFA), and extending enterprise identity services to support distributed and disconnected operational environments.

This position is a Hybrid role with an estimated 25% of time expected on-site at our Fort Meade, MD facility.

HOW YOU WILL MAKE AN IMPACT:

• Design, develop, configure, and maintain enterprise authentication and federation services supporting both enterprise and edge ICAM architectures.
• Support PingFederate and related identity platforms used to provide authentication, federation, single sign-on (SSO), and trust management services.
• Engineer federation solutions that extend secure identity services to mission partners, coalition organizations, tactical users, and edge computing environments.
• Configure and maintain trust relationships with internal and external Identity Providers (IdPs), Service Providers (SPs), and federation partners.
• Develop and maintain integrations utilizing SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), WS-Federation, and PKI-based authentication technologies.
• Support onboarding and integration of applications, mission partners, and external organizations into enterprise federation ecosystems.
• Design and implement authentication flows, token services, claims transformation, attribute mapping, and policy enforcement mechanisms.
• Support MFA, phishing-resistant authentication, certificate-based authentication, and emerging identity assurance capabilities.
• Collaborate with cybersecurity, cloud, infrastructure, and application teams to implement secure authentication and federation solutions.
• Support implementation of Zero Trust Architecture through modern authentication, federation, and identity assurance services.
• Troubleshoot and resolve complex issues involving authentication, federation, trust relationships, certificates, tokens, and identity assertions.
• Support deployment and sustainment of identity services operating in disconnected, intermittent, low-bandwidth (DDIL), and edge environments.
• Develop technical documentation including architecture diagrams, integration guides, SOPs, TTPs, and onboarding documentation.
• Participate in Agile development activities and support continuous improvement initiatives.
• Actively manage technical risks and contribute to mission readiness objectives.

WHAT YOU'LL NEED TO SUCCEED (Required):

Education: Bachelor's Degree. An additional 4 years of experience mat be substituted in lieu of degree.

Clearance: Minimum of an active Secret security clearance.

Certification: 8570/8140 IAT Level II certification (Security+ CE or higher).

Experience: 10+ years' experience supporting Identity and Access Management (IAM), Authentication, Federation, or ICAM solutions within government or regulated environments.

Technical Skills:

• Strong experience with PingFederate or equivalent federation technologies.
• Experience implementing and supporting enterprise Identity Provider (IdP) and federation services.
• Strong understanding of authentication, authorization, federation, and identity assurance concepts.
• Experience implementing and troubleshooting SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), WS-Federation, and JWT technologies.
• Experience supporting PKI, certificate-based authentication, smart card authentication, and MFA solutions.
• Experience integrating applications, APIs, and enterprise services with federation platforms.
• Experience with Active Directory, LDAP directories, and enterprise identity repositories.
• Experience configuring claims, attribute mappings, policy enforcement, token transformations, and federation workflows.
• Experience supporting Linux and/or Windows Server environments.
• Experience deploying and supporting enterprise COTS products in secure customer environments.
• Experience working in Agile development environments and utilizing associated tools.

Desired Skills (Preferred):

• Experience with PingFederate clustering, high availability, and large-scale federation deployments.
• Experience with PingAccess, PingDirectory, PingOne, Okta, Entra ID, ADFS, Keycloak, or similar authentication platforms.
• Experience supporting DoW Enterprise ICAM, Federation Hub, or mission partner federation initiatives.
• Experience implementing federation solutions for coalition, partner, or cross-organizational environments.
• Experience supporting NIST 800-63 Identity Assurance Levels (IAL), Authenticator Assurance Levels (AAL), and Federation Assurance Levels (FAL).
• Experience with phishing-resistant authentication technologies and passwordless authentication solutions.
• Experience supporting disconnected, intermittent, low-bandwidth (DDIL) operational environments.
• Experience implementing federation solutions supporting tactical, expeditionary, or edge-computing use cases.
• Experience supporting Zero Trust Architecture and identity-centric security initiatives.
• Experience with container technologies such as Docker and Kubernetes.
• Familiarity with DoW PKI, CAC authentication, derived credentials, and certificate lifecycle management.
• Experience supporting FVEY, NATO, coalition, or mission partner federation architectures.

GDIT IS YOUR PLACE:
At GDIT, the mission is our purpose, and our people are at the center of everything we do.

• Growth: AI-powered career tool that identifies career steps and learning opportunities
• Support: An internal mobility team focused on helping you achieve your career goals
• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off.
• Community: Award-winning culture of innovation and a military-friendly workplace.

OWN YOUR OPPORTUNITY:

• Explore a career in program management at GDIT and you'll find endless opportunities to grow alongside colleagues who share your passion for the mission and delivering results.

The likely salary range for this position is $144,500 - $195,500. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:
40

Travel Required:
10-25%

Telecommuting Options:
Hybrid

Work Location:
USA MD Fort Meade

Additional Work Locations:

Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 26,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at
gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

About Us

Join our 30,000 everyday heroes. We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology. For more information about GDIT's Privacy Policy, click here: