Jobs · Engineering · Virginia

DevOps Automation Engineer

Capgemini Government Solutions · McLean, VA · 1 wk ago
Engineering$120k–$155k/yrFull-time

About the role

This senior-level technical role designs, implements, and governs enterprise-wide systems that manage user identities and access rights, bridging security strategy and technical implementation across on-premises and cloud environments while mentoring junior engineers.

Responsibilities

  • Design, implement, and govern enterprise-wide identity and access management systems across on-premises and cloud environments
  • Bridge security strategy and technical implementation, guiding junior engineers and collaborating with stakeholders to deliver secure, compliant, and scalable access solutions
  • Implement and support cloud-based Identity Management and Access Governance products
  • Lead legacy-to-modern integration using hybrid identity patterns (on-prem and cloud), directory consolidation, application modernization waves, and identity data quality remediation
  • Design and deploy access requests, approvals, certifications, Separation of Duties (SoD) controls, role mining and role design, and connectors at scale
  • Build and lead runbooks, a Level 1-Level 3 support model, SLAs, and audit-ready evidence for access governance and privileged access
  • Implement IAM components in the cloud (e.g., AWS) with secure networking, logging, and deployment patterns
  • Apply AI/ML-assisted analytics in Saviynt or similar IGA products (e.g., access anomaly detection, certification prioritization, identity risk scoring, and role/entitlement recommendations)

Requirements

  • S. Citizenship
  • Ability to obtain and maintain a Tier 4 / High Risk background investigation (High Risk Public Trust), as required for all task areas under this contract
  • Bachelor’s degree in Engineering, Computer Science, Systems, Business, Information Systems, Information Resource Management, or a related scientific discipline
  • Product certification(s), such as Saviynt, SailPoint, or equivalent
  • Demonstrated healthcare IAM delivery across all three sectors: at least one State/Local public health or Medicaid/eligibility environment, one commercial payer/provider environment, and one Federal health (or Federal health-adjacent) environment, with references tied to measurable outcomes (e.g., application onboarding volume, MFA adoption, audit findings reduced)
  • Proven multi-identity population design supporting employees, contractors, temporary staff, vendors, and affiliates/partners with distinct lifecycle rules, entitlements, and separation of duties
  • Experience with agency/department partitioning, delegated administration, and policy differences across State/Local entities and Federal components
  • Expertise implementing and supporting cloud-based Identity Management and Access Governance products
  • Expertise in legacy-to-modern integration, including hybrid identity patterns (on-prem and cloud), directory consolidation, application modernization waves, and identity data quality remediation
  • Has led at least two IAM modernization or legacy migrations (e.g., AD/LDAP rationalization, custom IAM replacement, SSO federation rollout, provisioning modernization) with a clear cutover strategy (parallel run, staged migration, rollback)
  • Operational expertise to build or lead runbooks, a Level 1-Level 3 support model, SLAs, and audit-ready evidence for access governance and privileged access
  • Expertise with designing and deploying access request, approvals, certifications, SoD controls, role mining/role design, and connectors at scale
  • Experience with applying AI/ML-assisted analytics in Saviynt and/or similar IGA products contexts (e.g., access anomaly detection, certification prioritization, identity risk scoring, role/entitlement recommendations)
  • Expertise in cloud and directory and implemented IAM components in cloud (such as AWS) with secure networking, logging, and deployment patterns
  • Expertise with the security architecture of the solution, including IAM, Cloud Security, API Security, and Data Security

Qualifications

  • Bachelor’s degree in Engineering, Computer Science, Systems, Business, Information Systems, Information Resource Management, or a related scientific discipline
  • S. Citizenship
  • Ability to obtain and maintain a Tier 4 / High Risk background investigation (High Risk Public Trust), as required for all task areas under this contract
  • Product certification(s), such as Saviynt, SailPoint, or equivalent
  • Demonstrated healthcare IAM delivery across all three sectors: at least one State/Local public health or Medicaid/eligibility environment, one commercial payer/provider environment, and one Federal health (or Federal health-adjacent) environment, with references tied to measurable outcomes (e.g., application onboarding volume, MFA adoption, audit findings reduced)
  • Proven multi-identity population design supporting employees, contractors, temporary staff, vendors, and affiliates/partners with distinct lifecycle rules, entitlements, and separation of duties
  • Experience with agency/department partitioning, delegated administration, and policy differences across State/Local entities and Federal components
  • Expertise implementing and supporting cloud-based Identity Management and Access Governance products
  • Expertise in legacy-to-modern integration, including hybrid identity patterns (on-prem and cloud), directory consolidation, application modernization waves, and identity data quality remediation
  • Has led at least two IAM modernization or legacy migrations (e.g., AD/LDAP rationalization, custom IAM replacement, SSO federation rollout, provisioning modernization) with a clear cutover strategy (parallel run, staged migration, rollback)
  • Operational expertise to build or lead runbooks, a Level 1-Level 3 support model, SLAs, and audit-ready evidence for access governance and privileged access
  • Expertise with designing and deploying access request, approvals, certifications, SoD controls, role mining/role design, and connectors at scale
  • Experience with applying AI/ML-assisted analytics in Saviynt and/or similar IGA products contexts (e.g., access anomaly detection, certification prioritization, identity risk scoring, role/entitlement recommendations)
  • Expertise in cloud and directory and implemented IAM components in cloud (such as AWS) with secure networking, logging, and deployment patterns
  • Expertise with the security architecture of the solution, including IAM, Cloud Security, API Security, and Data Security

Skills

  • Strong understanding of IAM principles and practices
  • Experience with cloud-based IAM solutions (e.g., AWS, Azure, Google Cloud)
  • Hands-on experience with Saviynt, SailPoint, or similar IGA products
  • Experience with AI/ML-assisted analytics in IAM contexts
  • Expertise in legacy-to-modern integration, including hybrid identity patterns (on-prem and cloud), directory consolidation, application modernization waves, and identity data quality remediation
  • Strong problem-solving and analytical skills
  • Excellent communication and collaboration skills
  • Experience with designing and deploying access request, approvals, certifications, SoD controls, role mining/role design, and connectors at scale
  • Experience with cloud and directory and implemented IAM components in cloud (such as AWS) with secure networking, logging, and deployment patterns
  • Expertise with the security architecture of the solution, including IAM, Cloud Security, API Security, and Data Security

Benefits

  • Flexible work
  • Healthcare including dental, vision, mental health, and well-being programs
  • Financial well-being programs such as 401(k) and Employee Share Ownership Plan
  • Paid time off and paid holidays
  • Paid parental leave
  • Family building benefits like adoption assistance, surrogacy, and cryopreservation
  • Social well-being benefits like subsidized back-up child/elder care and tutoring
  • Mentoring, coaching and learning programs
  • Employee Resource Groups
  • Disaster Relief

Pay

$120k - $155k

Schedule

Contract

Similar jobs