Identity Platform (IdP) Engineer

Capgemini Government Solutions (CGS) LLC seeks a highly skilled Identity Platform (IdP) Engineer to join our Zero Trust Architecture team. In this role, you will be the one primary architect and administrator for identity services that form the "new perimeter" of our enterprise. You will bridge the gap between traditional networking and modern identity-centric security, ensuring that every access request is fully authenticated, authorized, and encrypted.

Job Responsibilities:

As Identity Platform (IdP) Engineer, you will be responsible for:

• Design and implement identity-based access control policies that adhere to Zero Trust principles (Never Trust, Always Verify).
• Lead the deployment, configuration, and optimization of PingFederate and Ping Access to provide seamless SSO and attribute-based access control (ABAC).
• Manage the full lifecycle of Identity, Credential, and Access Management (ICAM), including automated provisioning and complex directory integrations.
• Collaborate with the SOC and Network teams to integrate identity signals into our broader security monitoring and incident response workflows.
• Act as the subject matter expert for integrating PingFederate as the core Identity Provider (IdP) with third-party Zero Trust ecosystem components, including Privileged Access Manager (PAM), Master User Record (MUR) and Identity Governance and Administration (IGA).
• Create and maintain authentication policies, including Multi-Factor Authentication (MFA) and Risk-Based Authentication (RBA).
• Knowledge of directory services (Active Directory, LDAP, Azure AD).
• Familiarity with NIST 800-207 Zero Trust Architecture standards.
• A security-first mindset with the ability to troubleshoot complex authentication handshakes.
• Provide guidance and hands-on training for onboarding new applications into PingFederate using self-service templates, OIDC, and SAML to ensure consistent security standards across the enterprise.

Required Qualifications:

• Have an active Secret Government security clearance that requires U.S. citizenship
• Bachelor?s degree in computer science, Information Technology, Cybersecurity, or a related technical field.
• Minimum of 6 years of hands-on experience in ICAM (Identity, Credential, and Access Management) within enterprise or government environments.
• Deep proficiency with PingFederate (OIDC, SAML, OAuth protocols).
• Strong experience with Ping Access for protecting web applications and APIs at the gateway level.

• Active CompTIA Security+ (or equivalent IAT Level II certification) to meet compliance requirements

About Capgemini

Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2024 global revenues of ?22.1 billion.

Get the future you want | ;/p>

Disclaimer

All qualified applicants will be considered for employment based on their skills, and merit.

Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.

Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.

Capgemini discloses salary range information in compliance with state and local pay transparency obligations. The disclosed range represents the lowest to highest salary we, in good faith, believe we would pay for this role at the time of this posting, although we may ultimately pay more or less than the disclosed range, and the range may be modified in the future. The disclosed range takes into account the wide range of factors that are considered in making compensation decisions including, but not limited to, geographic location, relevant education, qualifications, certifications, experience, skills, seniority, performance, sales or revenue-based metrics, and business or organizational needs. At Capgemini, it is not typical for an individual to be hired at or near the top of the range for their role. The base salary range for the tagged location is $130K-$145K

This role may be eligible for other compensation including variable compensation, bonus, or commission. Full time regular employees are eligible for paid time off, medical/dental/vision insurance, 401(k), and any other benefits to eligible employees.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company?s sole discretion, consistent with the law.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review thenotice from the Department of Labor.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the notice from the Department of Labor.