%3Cp style=%22font-family: Arial;%22%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cstrong%3EJob Title%3C/strong%3E: ICAM Engineer %26ndash; PingFederate Specialist%3C/span%3E%3C/p%3E%0A%3Cp style=%22font-family: Arial;%22%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cstrong%3ELocation%3C/strong%3E: N. America%26nbsp;%3C/span%3E%3C/p%3E%0A%3Cp style=%22font-family: Arial;%22%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cstrong%3ETravel%3C/strong%3E: 25%%3C/span%3E%3C/p%3E%0A%3Cp style=%22font-family: Arial;%22%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cstrong%3EJob description:%3C/strong%3E%3C/span%3E%3Cbr%3E%3Cspan style=%22font-size: 12px;%22%3EMust be USC and able to obtain or have Top Secret Clearance%26nbsp;%3C/span%3E%3C/p%3E%0A%3Cp class=%22MsoNormal%22%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cspan style=%22font-family: arial, helvetica, sans-serif;%22%3E%3Cstrong%3EPosition Overview:%3C/strong%3E%3Cbr%3EWe are seeking a highly skilled ICAM Engineer with deep expertise in PingFederate to support a Zero Trust Program Management Office. This role is critical in implementing and sustaining secure identity and access solutions, focusing on the User, Data, and Device pillars.%3Cbr%3EThe ideal candidate will have hands-on experience with PingFederate and a strong understanding of identity protocols, Zero Trust principles, and enterprise ICAM architecture across both on-premises and cloud environments.%3Cbr%3EKey Responsibilities:%3Cbr%3E%26bull; Design, implement, and maintain PingFederate solutions to support secure federated authentication across hybrid environments, on-prem and cloud.%3Cbr%3E%26bull; Support the execution of ICAM capabilities across three key phases:%3Co:p%3E%3C/o:p%3E%3C/span%3E%3C/span%3E%3C/p%3E%0A%3Cp style=%22font-family: Arial;%22%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cspan style=%22font-size: 11.0pt; font-family: %27Aptos%27,sans-serif; mso-fareast-font-family: Aptos; mso-fareast-theme-font: minor-latin; mso-bidi-font-family: Aptos; mso-ansi-language: EN-US; mso-fareast-language: EN-US; mso-bidi-language: AR-SA;%22%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cspan style=%22font-family: arial, helvetica, sans-serif;%22%3EPre-deployment %26ndash; architecture design, documentation planning, and engineering.%3C/span%3E%3C/span%3E%3Cbr%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cspan style=%22font-family: arial, helvetica, sans-serif;%22%3EDeployment %26ndash; implementation and configuration of PingFederate and related services.%3C/span%3E%3C/span%3E%3Cbr%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cspan style=%22font-family: arial, helvetica, sans-serif;%22%3EOperational Sustainment %26ndash; ongoing support, documentation, and optimization.%3C/span%3E%3C/span%3E%3Cbr%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cspan style=%22font-family: arial, helvetica, sans-serif;%22%3E%26bull; Align ICAM implementations with a Zero Trust Strategy, particularly in the User, Data, and Device pillars:%3C/span%3E%3C/span%3E%3Cbr%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cspan style=%22font-family: arial, helvetica, sans-serif;%22%3EUser: Continuous authentication and monitoring of user activity.%3C/span%3E%3C/span%3E%3Cbr%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cspan style=%22font-family: arial, helvetica, sans-serif;%22%3EData: Enable data visibility and protection through encryption and tagging.%3C/span%3E%3C/span%3E%3Cbr%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cspan style=%22font-family: arial, helvetica, sans-serif;%22%3EDevice: Assess device health and enforce access decisions based on real-time posture.%3C/span%3E%3C/span%3E%3Cbr%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cspan style=%22font-family: arial, helvetica, sans-serif;%22%3E%26bull; Enhance and support RBAC and ABAC models across the enterprise.%3C/span%3E%3C/span%3E%3Cbr%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cspan style=%22font-family: arial, helvetica, sans-serif;%22%3E%26bull; Ensure compliance with ICAM and Zero Trust policies, standards, and guidance.%3C/span%3E%3C/span%3E%3Cbr%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cspan style=%22font-family: arial, helvetica, sans-serif;%22%3E%26bull; Collaborate with cross-functional teams to integrate identity services with enterprise applications and services.%3C/span%3E%3C/span%3E%3Cbr%3E%3Cspan style=%22font-size: 12px;%22%3E%3Cspan style=%22font-family: arial, helvetica, sans-serif;%22%3E%26bull; Troubleshoot and resolve authentication and access issues in complex environments.%3C/span%3E%3C/span%3E%3Cbr style=%22mso-special-character: line-break;%22%3E%3C!-- [if !supportLineBreakNewLine]--%3E%3Cbr style=%22mso-special-character: line-break;%22%3E%3C!--[endif]--%3E%3C/span%3E%3C/span%3E%3C/p%3E
Required Qualifications: • Must be US Citizen • Top Secret (TS) level clearance required or able to obtain • Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience). • 3+ years of direct experience implementing and managing PingFederate in enterprise environments. • Strong knowledge of SAML 2.0, OAuth 2.0, OpenID Connect, and related identity standards. • Experience/Familiarity supporting Zero Trust initiatives. • Familiarity with Active Directory, LDAP, PKI, and cloud identity services (e.g., Azure AD). • Proficiency in scripting (e.g., PowerShell, Python) for automation and integration. Preferred Qualifications: • Ping Identity certifications (e.g., PingFederate Certified Professional). • Experience with other Ping Identity products (PingAccess, PingDirectory, PingOne). • Knowledge of Zero Trust architecture and NIST 800-207 • Experience with federal IT environments. • Familiarity with ICAM-related tools and technologies used in federal healthcare IT.
Life at Capgemini
Capgemini supports all aspects of your well-being throughout the changing stages of your life and career. For eligible employees, we offer:
Flexible work
Healthcare including dental, vision, mental health, and well-being programs
Financial well-being programs such as 401(k) and Employee Share Ownership Plan
Paid time off and paid holidays
Paid parental leave
Family building benefits like adoption assistance, surrogacy, and cryopreservation
Social well-being benefits like subsidized back-up child/elder care and tutoring
Mentoring, coaching and learning programs
Employee Resource Groups
Disaster Relief
About Capgemini
Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2024 global revenues of €22.1 billion.
Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.
This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.
Capgemini is committed to providing reasonable accommodations during our recruitment process. If you need assistance or accommodation, please reach out to your recruiting contact.
Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.
Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.
These cookies are necessary for the website to function and cannot be turned off in our systems. You can set your browser to block these cookies, but then some parts of the website might not work.
Security
User experience
Target group oriented cookies
These cookies are set through our website by our advertising partners. They may be used by these companies to profile your interests and show you relevant advertising elsewhere.
Google Analytics
Google Ads
We use cookies
🍪
Our website uses cookies and similar technologies to personalize content, optimize the user experience and to indvidualize and evaluate advertising. By clicking Okay or activating an option in the cookie settings, you agree to this.
The best remote jobs via email
Join 5'000+ people getting weekly alerts with remote jobs!