Military Hire

Identity Governance and Administration (IGA) Engineer (SailPoint)Leidos

  • not-remote
  • full-time
  • Salary
  • Tampa, FL
Job Summary

Description

Leidos is seeking a highly skilled Identity Governance and Administration (IGA) Engineer to join the Zero Trust execution team at U.S. Special Operations Command (USSOCOM). In a Zero Trust architecture, identity is the new perimeter, and this role is responsible for building and maintaining the "source of truth" that governs access to the Command's most critical data.

As the IGA Engineer, you will lead the implementation and configuration of SailPoint across the NIPR, SIPR, and Top-Secret networks. You will move beyond basic account provisioning to implement a sophisticated Attribute-Based Access Control (ABAC) model. You will be responsible for defining and managing the lifecycle of "Trust Attributes" (such as clearance level, training status, and job role) that are consumed by downstream enforcement tools like Microsoft Purview and Kiteworks. Your work ensures that when a user’s status changes, their access to sensitive data is updated instantly—even in air-gapped environments

Responsibilities

  • SailPoint Architecture & Configuration: Assist in the design, deployment, and ongoing management of SailPoint IdentityNow (or IIQ) to automate the full identity lifecycle (Joiner, Mover, Leaver) across hybrid and on-premises environments.
  • ABAC Attribute Management: Define and manage the schema for "Trust Attributes" (e.g., Clearance, COI, Project Codes) within SailPoint, ensuring they align with the NIST 8112 metadata standard for consumption by policy decision points.
  • Air-Gapped Identity Operations: Manage the offline instance of SailPoint on the Top-Secret network, developing the workflows to import "Attribute Manifests" and ensure that identity data remains synchronized with the low-side source of truth.
  • Access Certification: Configure and execute automated access certification campaigns for critical data repositories and privileged roles, ensuring compliance with DoD audit requirements.
  • Role Modeling: Work with mission owners to define Technical Roles and Business Roles within SailPoint, replacing broad, static Active Directory groups with granular, policy-driven access roles.

Qualifications

  • BS and 4 – 10 years of prior relevant experience or Masters with 2 – 6 years of prior relevant experience. Additional 4 years experience can be substituted without a degree.
  • Active Top-Secret clearance with SCI eligibility.

Required Experience & Skills

  • 4+ years hands-on experience designing, implementing, and administering SailPoint (IdentityNow or IdentityIQ) in a large enterprise environment.
  • Deep understanding Identity Lifecycle Management, the Joiner-Mover-Leaver (JML) process and experience automating provisioning/deprovisioning workflows connected to HR systems and Active Directory.
  • Strong knowledge of Active Directory, LDAP, and Azure Active Directory (Entra ID) structures and management.
  • Proven experience of Governance Principles, working with Role-Based Access Control (RBAC) modeling, Separation of Duties (SoD) policy creation, and access certification
  • CompTIA Security+ CE (or higher) to meet DoD 8570 IAT Level II requirements.

Preferred Experience & Skills

  • Experience implementing Attribute-Based Access Control (ABAC) strategies.
  • Familiarity with DoD Identity, Credential, and Access Management (ICAM) reference designs.
  • Knowledge of integration protocols such as REST, SCIM, and SOAP.
  • Experience supporting USSOCOM or other DoD agencies.

Certifications (Preferred)

  • SailPoint Certified IdentityNow Engineer or SailPoint Certified IdentityIQ Engineer.
  • Certified Identity and Access Manager (CIAM) or CISA.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

March 23, 2026






For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.


Pay Range:

Pay Range $87,100.00 - $157,450.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

Securing Your Data

Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com.

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

Logo