Identity Governance and Administration Engineer Lead

Key Role: 

Apply Cybersecurity experience in Identity and Access Management (IdAM) to analyze, design, and support a continuous monitoring solution to verify and validate appropriate user privileges, assigned credentials, trustworthiness, appropriate user security behavior training, and appropriately granted resource access rights to users. Employ cybersecurity experience in IdAM to analyze, design, and support a continuous monitoring solution to verify and validate appropriate user privileges, assigned credentials, trustworthiness, appropriate user security behavior training, and appropriately granted resource access rights to users. Engage multiple stakeholders and leverage related security products or technologies to recommend solution architectures and designs needed to monitor and report on IdAM related data across multiple Government Agencies. Integrate disparate IdAM data from multiple sources into a singular database for correlation and presentation. Maintain responsibility for articulating and authoring multiple findings, recommendations, and other artifacts, including interfacing with key stakeholders to implement tailored IAM solutions. Lead architects, SMEs, and other engineers and provide work leadership to mid and junior employees daily. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia. 

Basic Qualifications: 

  • 7+ years of experience collaborating with clients to deliver results 

  • 5+ years of experience with IT, including supporting access management solutions, such as connector or systems integrations, entitlement management, user credential management, or user security behavior monitoring  

  • 5+ years of experience in supporting IAM, security operations and threat response, or security architecture

  • 5+ years of experience with requirements, design, implementation, integration, testing, or change management  

  • 5+ years of experience with COTS IAM tools, including SailPoint or Saviynt  

  • 3+ years of experience with implementing IAM tools in an enterprise environment and Identity Lifecycle Management 

  • 3+ years of experience with Java, JavaScript, BeanShell, JSON, XML, or REST development

  • Knowledge of Active Directory or LDAP management, configuration or design, PKI X509, SSO across multiple domains, 2FA via PIV or CAC, and scripting and coding  

  • Ability to obtain a security clearance  

  • HS diploma or GED 


Additional Qualifications:

  • Experience with CyberArk, CA PAM/Broadcom Layer 7, Centrify or BeyondTrust  

  • Experience with Role-Mining and Role-Based Access Control 

  • Experience using SCIM for Identity Management 

  • Experience with supporting IAM both On-Premise and in a Cloud environment, including Azure or AWS  

  • Experience with SQL database administration or management  

  • Experience with a SIEM tool, including Splunk or the ELK stack preferred  

  • Experience with authoring Cybersecurity guidance, including policies, strategies, and whitepapers  

  • Experience with HSPD-12, FIPS 201-2, FICAM, OMB 11-11, FedRAMP, PCI, FISMA, or NIST 800-53, 800-63, 800-79-2, or 800-157 policies and standards a plus  

  • Master's degree in Information Technology, Information Systems, or Computer Science 

  • CISSP, CISM, Security+, or other security industry-related or vendor certifications 


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information. 


At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full time and part time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs, individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. 

Salary for this position is determined by various factors, including but not limited to, location, the candidate’s particular combination of knowledge, skills, competencies and experience, as well as contract specific affordability and organizational requirements. The proposed salary range for this position is outlined below.

Colorado: $79,000 - $165,000 (annualized USD)

New York (including New York City): $83,900 - $201,700 (annualized USD)

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

Not ready to apply? Join our talent community and sign up for job alerts.