Responsibilities
- Lead architecture, implementation, and administration of SailPoint IdentityNow or IdentityIQ to automate identity lifecycle (Joiner/Mover/Leaver) across hybrid environments.
- Define and manage attribute schemas supporting Attribute-Based Access Control (ABAC), aligned with NIST 8112 standards.
- Operate and synchronize an air-gapped SailPoint instance on a Top-Secret network, including offline attribute ingestion workflows.
- Configure and manage automated access certification campaigns to meet DoD audit requirements.
- Design and implement technical and business role models, replacing legacy AD groups with policy-driven access roles.
Clearance
- Active Top-Secret clearance with SCI eligibility (required to start).
Required Qualifications
- 5+ years of hands-on SailPoint (IdentityNow or IdentityIQ) implementation and administration in large enterprise environments.
- Strong expertise in Identity Lifecycle Management (JML), including automated provisioning/deprovisioning.
- Deep knowledge of Active Directory, LDAP, and Azure AD (Entra ID).
- Proven experience with RBAC, Separation of Duties (SoD), and access certifications.
Labor Categories
- Journeyman: 3-10 years’ experience; BA/BS or MA/MS
- Senior: 10+ years’ experience; MA/MS; may lead mission-critical efforts and mentor staff
Preferred Qualifications
- Experience implementing ABAC and DoD ICAM architectures.
- Knowledge of REST, SCIM, and SOAP integrations.
- Prior support to USSOCOM or other DoD agencies.
Certifications
- Required: CompTIA Security+ CE (or higher, DoD 8570 IAT II)
- Preferred: SailPoint IdentityNow or IdentityIQ certification; CIAM or CISA
