CCS Global Tech · 20 hours ago
IAM Engineer (TS/SCI clearance required)
Tampa, FL
Full-time
Onsite
Senior Level
$155K/yr - $165K/yr
5+ years expCCS Global Tech is seeking an Identity Governance and Administration (IGA) Engineer to support the Zero Trust execution team at U.S. Special Operations Command (USSOCOM). The role involves designing and implementing an Attribute-Based Access Control (ABAC) model using SailPoint to manage identity attributes and ensure secure access to sensitive data.
Information TechnologyMobile AppsSoftware
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Design, deploy, configure, and manage SailPoint IdentityNow or SailPoint IdentityIQ
Automate the full Joiner-Mover-Leaver (JML) lifecycle across hybrid, on-premises, and classified environments
Integrate SailPoint with HR systems, Active Directory, and other authoritative identity sources
Define, manage, and govern 'Trust Attributes' including (but not limited to) clearance level, need-to-know, COI, project codes, job roles, and training status
Ensure attribute schemas align with the NIST 8112 metadata standard
Support downstream policy decision and enforcement tools such as Microsoft Purview and Kiteworks
Manage an offline SailPoint instance operating on the Top-Secret network
Design and maintain workflows for importing Attribute Manifests into air-gapped environments
Ensure identity data consistency and synchronization between low-side and high-side systems
Configure and execute automated access certification campaigns
Support audits and compliance efforts aligned with DoD security and governance requirements
Manage certifications for privileged roles and sensitive data repositories
Partner with mission owners and system stakeholders to define Technical Roles and Business Roles
Replace broad, static Active Directory group assignments with fine-grained, policy-driven access roles
Enforce Separation of Duties (SoD) policies
Qualification
Required
Active Top-Secret (TS) clearance with SCI eligibility (must be held at time of hire)
Minimum 5+ years of hands-on experience implementing and administering SailPoint IdentityNow or IdentityIQ in large enterprise environments
Strong expertise in identity lifecycle management (Joiner-Mover-Leaver)
Experience automating identity provisioning and de-provisioning workflows
Advanced knowledge of Active Directory
Advanced knowledge of LDAP
Advanced knowledge of Azure Active Directory (Entra ID)
Demonstrated experience with Role-Based Access Control (RBAC)
Demonstrated experience with Separation of Duties (SoD)
Demonstrated experience with access certification campaigns
Education: BA/BS or MA/MS degree
Experience: 3 to 10 years
Preferred
Hands-on experience implementing Attribute-Based Access Control (ABAC) solutions
Familiarity with DoD Identity, Credential, and Access Management (ICAM) reference architectures
Experience with identity integration protocols including REST, SCIM, and SOAP
Prior experience supporting USSOCOM or other Department of Defense (DoD) organizations
Preferred: SailPoint Certified IdentityNow Engineer
Preferred: SailPoint Certified IdentityIQ Engineer
Preferred: Certified Identity and Access Manager (CIAM)
Preferred: Certified Information Systems Auditor (CISA)
Benefits
Competitive sign-on bonus (for qualified candidates)
Relocation assistance available
Company
CCS Global Tech
CCS Global Tech is an IT company that provides application development services.
501-1000 employees
Funding
Current Stage
Late StageLeadership Team
Mark Hunsicker
Sr. VP Account and Partner Management
Arti Pathak
AVP, Strategic Partnership
Recent News
Company data provided by crunchbase