Zero Trust IGA Engineer

We are seeking an IGA Engineer to support USSOCOM’s Zero Trust execution efforts by implementing and operating SailPoint-based identity governance capabilities across NIPR, SIPR, and Top Secret networks.

The IGA Engineer is responsible for designing, deploying, and maintaining SailPoint Identity Governance solutions that serve as the authoritative source for identity attributes and access decisions. This role goes beyond basic provisioning and focuses on implementing lifecycle automation, access governance, and attribute-driven access control in complex, multi-enclave environments.

• →Design, deploy, and maintain SailPoint IdentityNow or IdentityIQ to automate Joiner-Mover-Leaver (JML) identity lifecycle processes
• →Define and manage identity attributes (e.g., clearance, role, COI, project codes) used to support attribute-based access control (ABAC) models
• →Configure and execute automated access certification campaigns for privileged roles and critical systems
• →Develop and maintain SailPoint role models, including technical and business roles, to replace static group-based access
• →Support identity governance operations across disconnected and air-gapped environments, including Top Secret networks
• →Ensure identity data integrity and synchronization between low-side and high-side environments
• →Collaborate with ICAM, Zero Trust, and integration teams to ensure identity attributes are consumed correctly by downstream enforcement tools
• →Support audit and compliance requirements related to access governance and identity lifecycle management

• Active DoD Top Secret clearance with SCI eligibility
• DoD 8570 / 8140 compliant (Security+ CE or higher – IAT Level II)
• 5+ years of hands-on experience implementing and administering SailPoint (IdentityNow or IdentityIQ) in an enterprise environment
• Strong understanding of identity lifecycle management (Joiner-Mover-Leaver automation)
• Experience integrating SailPoint with Active Directory, LDAP, and Microsoft Entra ID
• Experience implementing access governance concepts, including RBAC, separation of duties (SoD), and access certification
• Ability to operate independently in complex, mission-critical environments
• Labor Category Alignment
• Journeyman: 3–10 years of experience; BA/BS or MA/MS
• Senior: 10+ years of experience; MA/MS; supports high-visibility or mission-critical program efforts and may lead others

• Experience implementing Attribute-Based Access Control (ABAC) strategies
• Familiarity with DoD ICAM reference architectures and Zero Trust concepts
• Experience integrating SailPoint using REST, SCIM, or SOAP
• Prior experience supporting USSOCOM or other DoD organizations
• SailPoint Certified IdentityNow or IdentityIQ Engineer
• CIAM or CISA certification

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.