Identity Provider Operations Engineer

Identity Provider Operations Engineer

Job Number: R0239846

As an Identity Provider (IdP) Operations Engineer, you’ll support the ongoing operations, maintenance, sustainment, and troubleshooting of enterprise IAM and federation services in support of Zero Trust initiatives and mission-critical environments. You’ll help ensure the reliability, security, and operational readiness of authentication and federation platforms used across the enterprise. You will work closely with cybersecurity teams, system administrators, network engineers, and mission stakeholders to support daily IAM operations, resolve authentication and federation issues, maintain access management services, and ensure compliance with organizational security policies and standards.

Your responsibilities will include monitoring identity systems, troubleshooting SSO and federation issues, maintaining MFA and password‑less authentication capabilities, supporting user lifecycle management processes, applying patches and configuration updates, and assisting with operational automation and service improvement initiatives.

• Experience administering, supporting, and maintaining identity platforms such as Ping Federate, Okta, or Entra  an enterprise operations environment
• Experience supporting and troubleshooting authentication and federation protocols including SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC)
• Experience troubleshooting SAML, OAuth, and OIDC integrations, token exchanges, assertion mismatches, and federation connectivity issues
• Experience using scripting or automation languages such as Java, JavaScript, Python, Power Shell, or Groovy to support operational tasks, automation, and maintenance activities, and with system monitoring, operational documentation, patching, and maintenance procedures for IAM services
• Experience working with RESTful APIs to support identity platform integrations, operational automation, and user lifecycle management processes
• Experience supporting integrations and synchronization with Active Directory (AD) or LDAP environments
• Knowledge of Zero Trust architectures and operational support of multifactor authentication (MFA) and password‑less authentication solutions
• Ability to diagnose and resolve complex identity and federation operational issues in production environments
• Active TS/SCI clearance; willingness to take a polygraph exam
• HS diploma or GED

• Experience supporting and maintaining Ping Identity Suite tools including Ping Federate, Ping Access, Ping Directory, or Ping One
• Experience supporting automated user lifecycle management processes using SCIM protocols
• Experience maintaining IAM platform integrations within Dev Ops or CI/CD operational environments
• Knowledge of Okta operational features including Okta Workflows, Custom Authorization Servers, Inline Hooks, and Okta APIs
• Knowledge of compliance and regulatory standards including NIST, FedRAMP, HIPAA, or related identity management frameworks
• Knowledge of cloud identity platforms such as AWS Cognito, Azure AD B2C, or Google Cloud Identity
• Possession of strong verbal and written communication skills
• TS/SCI clearance with polygraph
• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

Salary range: $86,800 to $198,000 annually. This range reflects typical compensation for this position based on location, experience, and other factors. The posting will close within 90 days from the posting date.

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.