
ForgeRock IAM Engineer

Job in Reston, Fairfax County, Virginia, 22090, USA
Listing for: Peraton
Full Time position
Listed on 2026-05-11
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Data Security
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly
Job Description & How to Apply Below

ForgeRock IAM Engineer Responsibilities

We are seeking a skilled ForgeRock IAM Engineer with strong experience in ForgeRock (PingOne Advanced Identity Cloud) to design, implement, and support secure access management solutions for a large federal environment. This role focuses on authentication, SSO, and Zero Trust security aligned with federal standards such as NIST and FedRAMP.

The ForgeRock AM (Access Management) Engineer is a specialized Identity and Access Management (IAM) professional responsible for designing, implementing, and maintaining secure access management solutions using the ForgeRock Identity Platform (now PingOne Advanced Identity Cloud). This role is integral to the U.S. Department of Education's Federal Student Aid (FSA) Federal IAM program – a mission‑critical platform securing digital assets and managing identity for millions of students, institutions, and federal stakeholders.

The engineer focuses on delivering robust authentication, authorization, and Single Sign‑On (SSO) strategies that align with federal security mandates including NIST SP 800-63, FICAM, FedRAMP, and Zero Trust Architecture (ZTA) principles. Working within an agile delivery environment, this role collaborates across engineering, security, architecture, and product teams to ensure the IAM platform remains secure, scalable, and compliant.

  • Design & Architecture: Translate business and security requirements into scalable IAM technical designs using ForgeRock/PingOne components – Access Management (AM/PingAM), Identity Management (IDM/PingIDM), Directory Services (DS/PingDS), and Identity Gateway (IG/PingGateway); lead design reviews, architecture workshops, and technical documentation.
  • Implementation & Integration: Install, configure, and integrate ForgeRock AM solutions with enterprise applications, cloud services (AWS, Azure, GCP), and legacy systems; develop and maintain REST API integrations and federation configurations across hybrid and multi‑cloud environments.
  • Authentication & Authorization: Design and implement custom authentication trees/journeys, Multi‑Factor Authentication (MFA) nodes, Risk‑Based Authentication (RBA), and authorization policies to enforce secure, least‑privilege user access; support phishing‑resistant MFA including PIV/CAC card integration aligned with NIST Authenticator Assurance Levels (AAL1/AAL2/AAL3).
  • Identity Lifecycle Management: Oversee automated user provisioning, de‑provisioning, and role‑based access control (RBAC) and attribute‑based access control (ABAC) workflows; integrate with HR systems, LDAP/Active Directory, and downstream applications to support full identity lifecycle governance.
  • Zero Trust Architecture Implementation: Implement Zero Trust principles per NIST SP 800-207 and federal Executive Order mandates; deploy authentication authority and authorization engines that enforce continuous verification across hybrid, multi‑cloud environments.
  • Federation & SSO: Configure and maintain identity federation hubs integrating with third‑party authentication sources, diverse user directories, and existing ICAM systems; enable standards‑based SSO across agency boundaries and mission‑partner environments using SAML 2.0, OAuth 2.0, and OIDC.
  • Identity Governance & Administration (IGA): Streamline access request workflows, access reviews, and Segregation of Duties (SoD) enforcement to ensure correct permissions, prevent inappropriate access, and satisfy federal audit and compliance requirements.
  • Automation & Scripting: Build and maintain scripts (Java, Groovy, JavaScript, Python, or Shell) to automate routine operational tasks, optimize system performance, and support CI/CD pipeline integration for IAM configuration management.
  • Troubleshooting & L3 Support: Provide Level 3 support for identity‑related incidents; perform root cause analysis, resolve complex platform issues, and ensure high system availability and uptime; serve as Subject Matter Expert (SME) for production escalations.
  • Compliance & Audit Support: Ensure IAM configurations meet federal regulatory requirements (FISMA, FedRAMP, NIST, FICAM, CMMC); support security audits, continuous monitoring, and…