Identity & Access Management (IAM) Engineer with Security Clearance

You will need to login before you can apply for a job.

Employer: Government Acquisitions, Inc. | Location: Bethesda | Salary: Competitive | Closing date: 23 May 2025

Sector: IT | Job Role: Identity Access Management (IAM) | Job Type: Permanent

Government Acquisitions Inc. (GAI) is seeking an Identity and Access Management (IdAM) Engineer to support a Federal Government Agency. The System Administrator will maintain enterprise identity management solutions, troubleshoot incidents, and assist with transitioning new capabilities to production. Responsibilities include validating the health, status, operations, and maintenance of identity management systems such as Keycloak and OpenID Connect (OIDC). This is a 100% on-site position at the Intelligence Community Campus in Bethesda, MD.

1. Design and implement IAM solutions using Keycloak for authentication and authorization based on OIDC, OAuth2, and SAML protocols.
2. Integrate Keycloak with internal and external applications, APIs, and third-party services for secure access and identity federation.
3. Manage and maintain the Keycloak infrastructure, including clustering, performance tuning, and monitoring.
4. Implement custom authentication flows, policies, and user federation strategies using Keycloak.
5. Collaborate with DevOps and infrastructure teams to ensure scalability, security, and high availability of Keycloak deployments.
6. Automate identity and access workflows, including user provisioning, de-provisioning, and RBAC.
7. Provide expertise on OIDC/OAuth2 standards, ensuring compliance with security requirements.
8. Troubleshoot authentication, authorization, and access control issues.
9. Document system configurations, processes, and troubleshooting procedures.
10. Conduct security audits and recommend IAM improvements.
11. Participate in cross-functional teams on IAM, DevSecOps, and security initiatives.
12. Support identity management systems, troubleshoot issues, and develop solutions.
13. Provide reports and feedback for root cause analysis and process improvements.
14. Update operations documentation for 24/7 enterprise support.
15. Work with Operations, Engineering, and vendors to resolve technical issues.
16. Work independently and as part of a virtual team.
17. Mentor and train junior team members.

• Bachelor's degree in Computer Science, IT, or related field, or equivalent experience.
• 3-5 years of IAM experience with Keycloak and OIDC/OAuth2.
• Hands-on experience with Keycloak deployment and management.
• Deep understanding of OIDC, OAuth2, SAML, LDAP.
• Proficiency in Java, Python, or scripting languages.
• Experience with LDAP, Active Directory, social identity providers.
• Familiarity with DevOps, CI/CD, Docker, Kubernetes, Terraform.
• Strong problem-solving and debugging skills.
• Ability to work in Agile/Scrum teams.
• Excellent communication skills.
• Must meet DoD 8570.11– IAT Level II certification requirements (e.g., Security+ CE).

• 5+ years in IAM or security engineering roles.
• Experience with cloud platforms (AWS, Azure, GCP).
• Experience with identity governance tools (e.g., SailPoint, Okta).
• Knowledge of API security and microservices security practices.
• Experience with MFA, SSO, zero-trust architectures.

• Candidate must have a TS/SCI clearance.
• Additional experience may substitute for education.

About GAI: Government Acquisitions, Inc. is dedicated to Federal mission success with expertise in AI, Big Data, Cloud, and Cybersecurity. We are committed to a diverse, harassment-free workplace.