Booz Allen Hamilton is a leader in cybersecurity, and they are seeking an Identity Provider Engineer to support large-scale IAM projects. In this role, you will analyze identity lifecycles, articulate access requirements, and implement enterprise-class solutions to secure user identities and manage credentials.
Responsibilities:
- Support large-scale IAM projects for clients
- Interface with stakeholders and engineering teams to delve into the details and dependencies of critical processes and users’ roles
- Analyze the identity lifecycle, articulating access requirements and defining enterprise identity records
- Design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing clients’ most valuable assets
- Implement enterprise-class solutions for single sign-on to privileged access systems
Requirements:
- Experience with PingFederate, Okta, or Entra ID
- Experience with SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC)
- Experience developing custom SAML, OAuth, and OIDC integrations and troubleshooting protocol exchanges
- Experience with languages used for identity platform development and automation such as Java, JavaScript, Python, PowerShell, or Groovy
- Experience working with RESTful APIs to integrate identity providers with external applications and automate identity lifecycle processes
- Experience integrating and synchronizing with Active Directory (AD) or LDAP
- Knowledge of Zero Trust architectures and implementation of password-less authentication or multifactor authentication (MFA) within the IdP environment
- Ability to resolve complex identity and federation issues, including token validation errors, assertion mismatches, and connectivity problems
- Active TS/SCI clearance; willingness to take a polygraph exam
- HS diploma or GED
- Experience with Ping Identity Suite tools, including development using PingFederate, PingAccess, PingDirectory, or PingOne with custom workflows and scripting
- Experience building or enhancing automated user lifecycle management using System for Cross-domain Identity Management (SCIM) protocols
- Experience integrating identity provider code and configurations into DevOps and CI/CD pipelines for automated build and deployment workflows
- Knowledge of advanced Okta development features such as Okta Workflows, Custom Authorization Servers, Inline Hooks, and Okta APIs for enhanced platform customization
- Knowledge of compliance and regulatory standards such as NIST, FedRAMP, HIPAA, or other frameworks relevant to identity management solutions
- Knowledge of cloud identity platforms such as AWS Cognito, Azure AD B2C, or Google Cloud Identity
- Possession of excellent verbal and written communication skills
- TS/SCI clearance with a polygraph
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field