Enterprise Identity Credential and Access Management Specialist

The Challenge:

Do you want to play a critical leadership role in the world of identity and access management and zero trust? You know that the user is the last frontier for cybersecurity. It’s where the perimeter is drawn, and securing identities are pivotal in the fight against cybercriminals. As a Lead Identity and Access Management (IAM) Specialist, you’ll use your skills and experience to keep hackers from taking data and breaking processes. We’re looking for someone like you to partner with our clients and guide them as they meet their missions without disruption.

In this role, you’ll oversee large-scale IAM projects for our government clients. You’ll directly interface with stakeholders and engineering teams to delve into the details and dependencies of critical processes and users’ roles within them. You’ll drive your team to analyze the identity lifecycle, articulating access requirements and defining enterprise identity records. You’ll use your experience in IAM to design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing our clients’ most valuable assets. From single sign-on to privileged access systems, you’ll have the chance to lead the implementation of enterprise class solutions and stop adversaries in their tracks. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Join us. The world can’t wait.

You Have:

  • 8+ years of experience with commercial Identity and Access Management and Governance platforms, including Ping Identity Platform, Okta, SailPoint Lifecycle Manager, or CyberArk
  • Experience with Federation technologies and solutions
  • Experience with analysis, design, implementation, or maintenance of identity and access management application layers, including authentication with phishing resistant multi-factor authentication (MFA), authorization, account management and provisioning, and identity data repositories
  • Experience with Entrust PKI Certificate Authority (CA) or Entrust products and services, including developing and deploying PKI solutions using x.509 certificates
  • Knowledge of Federal Public Key Infrastructure (PKI) as it relates to Identity Access Management (IdAM)
  • Knowledge of HSPD-12 and Federal ICAM related policies and guidance
  • Knowledge of security technologies and certificates, including Digital Signature and Encryption
  • Knowledge of credential service providers (CSPs) for citizen service facing applications
  • Ability to assess, recommend, and provide technical Systems Development Life Cycle (SDLC) services to support the integration of identity, credential, and access management solutions into the agency enterprise
  • Ability to obtain a security clearance
  • HS diploma or GED

Nice If You Have:

  • Experience implementing Smart Card Login
  • Experience with enterprise directory services, including LDAP, web applications servers Active Directory, Identity Store, or SailPoint
  • Knowledge of Federation and authentication protocols, such as TLS/SSL Mutual Authentication, SAML, OpenID, OAuth, WS-Fed, or FIDO
  • Knowledge of Federal policy and guidance, including Executive Order 14028, FIPS 201-3, OMB M-19-17, OMB M-22-09, FedRAMP, NIST SP 800-63-3, 800-79-2, 800-207, 800-157, or 800-53 rev5
  • Knowledge of Physical Access Control Systems (PACS) and NIST PACS guidance, including NIST 800-116
  • Knowledge of ServiceNow and Amazon Web Services
  • Ability to consult with the client in the strategic design process to translate business requirements into technical designs and solutions
  • Possession of excellent verbal and written communication skills


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.


At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full time and part time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs, individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. 

Salary for this position is determined by various factors, including but not limited to, location, the candidate’s particular combination of knowledge, skills, competencies and experience, as well as contract specific affordability and organizational requirements. The proposed salary range for this position is outlined below.

Colorado: $88,500 - $184,900 (annualized USD)

New York (including New York City): $94,000 - $225,900 (annualized USD)

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

Not ready to apply? Join our talent community and sign up for job alerts.