Identity and Access Management (IdAM) Engineer

Job Description

Identity and Access Management (IdAM) Engineer ABSC has an exciting opening for you as our next Identity and Access Management (IdAM) Engineer supporting DIA-NMEC/OSIC under our 10-year DOMEX Technology Platform (DTP) contract. Have impact as part of a mission focused, solutions oriented, and adaptive team that values innovation, collaboration, and professional development. You will be responsible for maintaining existing enterprise identity management solutions, troubleshoot incidents, and assist with transitioning new capabilities to production. Duties will include validating the health and status, operations, and maintenance of identity management systems such as Keycloak and OpenID Connect (OIDC) technologies. This individual will work in a team environment supporting a large enterprise spanning multiple enclaves and sites. This is a 100% on-site position. All work must be performed at the customer site in Bethesda at the Intelligence Community Campus. Responsibilities include, but are not limited to: Design and implement IAM solutions using Keycloak for secure authentication and authorization based on OIDC, OAuth2, and SAML protocols. Integrate Keycloak with internal and external applications, APIs, and third-party services to enable secure access and identity federation. Manage and maintain the Keycloak infrastructure, including clustering, performance tuning, and monitoring. Implement custom authentication flows, policies, and user federation strategies using Keycloak. Collaborate with DevOps and infrastructure teams to ensure the scalability, security, and high availability of Keycloak deployments. Automate the management of identity and access workflows, including user provisioning, de-provisioning, and role-based access control (RBAC). Provide technical expertise for OIDC/OAuth2 standards, keeping up with industry trends and ensuring compliance with evolving security requirements. Troubleshoot issues related to authentication, authorization, and access control, ensuring a seamless user experience. Document system configurations, processes, and troubleshooting procedures for internal teams and stakeholders. Conduct regular security audits and recommend improvements for IAM practices and systems. Participate in and contribute to cross-functional teams working on broader IAM, DevSecOps, and security initiatives. Provide support for implementing, troubleshooting and maintaining of identity management systems. Rapidly distinguish isolated user problems from enterprise-wide application/system problems and provide recommended solutions. Provide follow-up reports (technical findings, feedback, resolution steps taken) for root cause analysis, engineering technical assessment and process improvement initiatives. Update operations and maintenance documentation for 24/7/365 enterprise watch personnel. Work with Operations, Engineering, and vendor support to develop solutions to complex technical issues. Work independently as part of a virtual team. Provide mentorship and training for junior team members. Experience and education required for this role: Candidate must have a Bachelor's, with at least 12 years of relevant experience. Additional years of experience may be considered in lieu of degree. Generally has 4+ years of experience supervising or leading teams or projects. Active TS/SCI clearance with Polygraph required OR active TS/SCI and willingness to get a Poly. 3-5 years of experience working in Identity and Access Management (IAM) with a focus on Keycloak and OIDC/OAuth2 technologies. Strong hands-on experience with configuring, deploying, and managing Keycloak in a production environment. Deep understanding of authentication and authorization protocols including OIDC, OAuth2, SAML, and LDAP. Proficiency in Java, Python, or other scripting languages used for extending and automating Keycloak. Experience with user federation (LDAP, Active Directory, etc.) and social identity providers (Google, Facebook, etc.) using Keycloak. Familiarity with DevOps practices, including CI/CD pipelines, and experience with Docker, Kubernetes, and infrastructure-as-code (IaC) tools such as Terraform. Strong problem-solving and debugging skills, particularly in complex, distributed environments. Ability to work in an Agile/Scrum environment, collaborating with cross-functional teams. Strong communication skills, with the ability to articulate technical solutions to both technical and non-technical stakeholders. Candidate must, at a minimum, meet DoD 8570.11- IAT Level II certification requirements (currently Security+ CE, CCNA-Security, GSEC, or SSCP along with an appropriate computing environment (CE) certification). Desired experience for this role: 5+ years of experience in IAM or related security engineering roles. Experience with cloud platforms (AWS, Azure, GCP) and securing cloud-native applications. Experience with identity governance tools (e.g., SailPoint, Okta). Familiarity with API security (e.g., JWT, mTLS) and best practices for securing microservices architectures. Experience implementing MFA, SSO, and zero-trust architectures. On-site Amenities: Available parking Accessible from MD, VA, or DC Metro-accessible shuttle service Wide open campus Gym on site Restaurants within walking distance Who we are: Since 2001, Absolute Business Solutions Corp (ABSC) has delivered professional services and technology-enabled solutions to federal, defense, and intelligence customers through a mission-first ethos resulting in agile, innovative, and technology-advancing capabilities. ABSC’s employees – including software developers, multi-disciplined intelligence analysts, technology protection engineers, program support personnel, and specialists in cloud, data science, AI/ML, and cyber – diligently support their customers, address their challenges, and stay ahead of technological or operational impacts to the mission. ABSC stands ready to deliver the next generation of programs, personnel, and solutions to help advance our federal government customers’ driving innovation, agility, and security across all mission areas. Some of our benefits include: 4 weeks of PTO plus 11 Federal Holidays Retirement Planning – 401k Fully Vested with Matching Tuition Assistance Program – Have Student Loans? Let us help! Annual Health and Wellness Allowance Career Development –5,250 USD Annually Towards Education and Training Volunteer Time Off – Spend time directly supporting a charity of your choice Charitable Match – ABSC matches (set amount) an employee’s donation to a qualifying charity Paid Parental Leave – Employees receive 3 weeks of paid parental leave at 100% pay Referral Program – We pay for internal and external referrals! Performance Bonus Apply to join our team today! We are always looking to grow our team - if you know someone who is seeking a new career opportunity, please share this job opening with them! ABSC offers generous external referral bonuses. You don’t need to be an employee to benefit from our Referral Program! *ABSC is a proud V3, Virginia Values Vets, member which recognizes our commitment to hiring Veterans. If you are a veteran, please be sure to include that in your application. Thank you! * Absolute Business Solutions Corp. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. #J-18808-Ljbffr