Senior Identity Engineer jobs in United States

CACI International Inc · 17 hours ago

Senior Identity Engineer

CACI International Inc is looking for an experienced Identity Engineer to work on Zero Trust implementation efforts in support of U.S. Special Operations Command. The role involves hands-on technical responsibilities for the implementation, configuration, and management of identity security solutions across the enterprise.

Information Technology · Service Industry · Software
Comp. & Benefits · No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Identity Provider and Authentication Management:
Microsoft: Design, build, test, and deploy Microsoft Entra ID Conditional Access policies to enforce Zero Trust principles for access to cloud resources in Azure and AWS. Configure and maintain Certificate-Based Authentication (CBA) for CAC/PKI. Manage and troubleshoot the on-premises ADFS environment for legacy application support.
Ping Federate: Configure and manage the Ping Federate platform as an enterprise federation gateway. Onboard new applications for Single Sign-On (SSO) using SAML and OIDC. Build and maintain authentication policies to enforce strong, phishing-resistant MFA.
Privileged Access Management (PAM):
Delinea: Perform the hands-on onboarding of all privileged user, service, and application accounts into the Delinea vault
Configure and enforce Delinea policies for credential rotation, session recording, and monitoring
Build and implement Just-in-Time (JIT) and Just-Enough-Administration (JEA) access request and approval workflows to eliminate standing privileges
Identity Governance and Administration (IGA):
SailPoint: Implement and configure the automation of the Joiner-Mover-Leaver (JML) identity lifecycle process, replacing manual, ticket-based systems
Build and maintain the enterprise access catalog in SailPoint to replace the manual IMT48 form with an automated, workflow-driven request and approval system
Configure and execute periodic access certification campaigns for critical applications and privileged roles
AD and Linux Identity Management:
One Identity ARS: Use the Active Roles console to implement secure, delegated administration for Active Directory, creating policies to automate user/group lifecycle tasks
Red Hat IdM: Centrally manage authorization policies for the Linux estate, defining Host-Based Access Control (HBAC) rules and sudo policies to control access to RHEL servers

Qualification

Microsoft Entra ID · Delinea PAM · SailPoint IGA · Active Directory · Zero Trust principles · MFA · JIT/JEA · RBAC/ABAC · DoD 8140 Compliance · CompTIA Security+ · CompTIA CASP+ · CISSP · Red Hat IdM · Communication skills · Team leadership

Required

Must hold a current Top Secret clearance and be SCI eligible
Education: MA/MS Degree. A Senior labor category typically works on high-visibility or mission-critical aspects of a given program and performs all functional duties independently. A Senior labor category may oversee the efforts of less senior staff and/or be responsible for the efforts of all staff assigned to a specific job. Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field acceptable with additional experience (Master's preferred)
10+ years of experience in enterprise identity and access management architecture. Additional years of experience may be used in place of the Education requirement
Deep, hands-on experience with at least one of the following core platforms: Microsoft Entra ID, an enterprise PAM solution (e.g., Delinea), or an enterprise IGA solution (e.g., SailPoint)
Strong understanding of core identity security principles, including least privilege, MFA, JIT/JEA, and RBAC/ABAC
Experience with Active Directory administration and group policy management
Ability to implement and troubleshoot complex security policies within enterprise tools
DoD 8140 Compliance (IAT Level II)
DoDM 8570 IAT II equivalent certification (e.g. CompTIA Security+)

Preferred

DoDM 8570 IAT III equivalent certification or higher (e.g. CompTIA CASP+, CISSP)
Microsoft Certified: Identity and Access Administrator (SC-300)
Delinea Certified Administrator
SailPoint Certified IdentityNow Engineer
Ping Certified Professional
Experience with Red Hat IdM policy management
Familiarity with Zero Trust Network Access (ZTNA) and continuous authentication models
Prior experience supporting USSOCOM mission requirements
Strong communication skills with ability to brief senior leadership and interface with stakeholders
Ability to lead teams in complex, multi-vendor environments

Benefits

Healthcare
Wellness
Financial
Retirement
Family support
Continuing education
Time off benefits

Company

CACI International Inc

At CACI International Inc (NYSE: CACI), our 25,000 talented and dynamic employees are ever vigilant in delivering distinctive expertise and technology to meet our customers’ greatest challenges in national security.

Funding

Current Stage: Public Company
Total Funding: $1B
2025-05-21 · Post-IPO Debt · $1B
2003-01-10 · IPO

Leadership Team

John Mengucci
President & CEO
Darryl W Burke
Senior Vice President / Air Force Client Executive
Company data provided by crunchbase