ICAM Engineer – PingFederate Specialist-080630 Description

Job Title : ICAM Engineer – PingFederate Specialist Location : N. America

Travel : 25%

Job description: Must be USC and able to obtain or have Top Secret Clearance

Position Overview: We are seeking a highly skilled ICAM Engineer with deep expertise in PingFederate to support a Zero Trust Program Management Office. This role is critical in implementing and sustaining secure identity and access solutions, focusing on the User, Data, and Device pillars. The ideal candidate will have hands-on experience with PingFederate and a strong understanding of identity protocols, Zero Trust principles, and enterprise ICAM architecture across both on-premises and cloud environments. Key Responsibilities: • Design, implement, and maintain PingFederate solutions to support secure federated authentication across hybrid environments, on-prem and cloud. • Support the execution of ICAM capabilities across three key phases:

Pre-deployment – architecture design, documentation planning, and engineering. Deployment – implementation and configuration of PingFederate and related services. Operational Sustainment – ongoing support, documentation, and optimization. • Align ICAM implementations with a Zero Trust Strategy, particularly in the User, Data, and Device pillars: User: Continuous authentication and monitoring of user activity. Data: Enable data visibility and protection through encryption and tagging. Device: Assess device health and enforce access decisions based on real-time posture. • Enhance and support RBAC and ABAC models across the enterprise. • Ensure compliance with ICAM and Zero Trust policies, standards, and guidance. • Collaborate with cross-functional teams to integrate identity services with enterprise applications and services. • Troubleshoot and resolve authentication and access issues in complex environments.

Qualifications

Required Qualifications: • Must be US Citizen • Top Secret (TS) level clearance required or able to obtain • Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience). • 3+ years of direct experience implementing and managing PingFederate in enterprise environments. • Strong knowledge of SAML 2.0, OAuth 2.0, OpenID Connect, and related identity standards. • Experience/Familiarity supporting Zero Trust initiatives. • Familiarity with Active Directory, LDAP, PKI, and cloud identity services (e.g., Azure AD). • Proficiency in scripting (e.g., PowerShell, Python) for automation and integration. Preferred Qualifications: • Ping Identity certifications (e.g., PingFederate Certified Professional). • Experience with other Ping Identity products (PingAccess, PingDirectory, PingOne). • Knowledge of Zero Trust architecture and NIST 800-207 • Experience with federal IT environments. • Familiarity with ICAM-related tools and technologies used in federal healthcare IT.

Life at Capgemini

Capgemini supports all aspects of your well-being throughout the changing stages of your life and career. For eligible employees, we offer: Flexible work

Healthcare including dental, vision, mental health, and well-being programs

Financial well-being programs such as 401(k) and Employee Share Ownership Plan

Paid time off and paid holidays

Paid parental leave

Family building benefits like adoption assistance, surrogacy, and cryopreservation

Social well-being benefits like subsidized back-up child/elder care and tutoring

Mentoring, coaching and learning programs

Employee Resource Groups

Disaster Relief