Senior Software Engineer – IAM
Lambda
AWSAzureCloudGoGoogle Cloud PlatformPythonTerraform
Senior DevSecOps Engineer, Keycloak
CACI International Inc
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇺🇸 United States
Visit company websiteSalary
💰 $98,500 - $206,800 per year
Job Level
Senior
Tech Stack
AWSCloudJavaKubernetesMicroservicesPythonRealm
About the role
- Support our DOD/AF customer with cloud native solutions that implement the customer’s Zero Trust objectives
- Be part of an agile development team building DevSecOps solutions for the customer’s enterprise development projects
- Develop and manage Keycloak Identity Management solutions for Platform One
- Maintain and enhance custom Keycloak realms, themes, and identity flows (OIDC, OAuth2, SAML)
- Design and deploy identity-focused Kubernetes-native solutions
- Build and maintain CI/CD pipelines, automated test frameworks, and secure production deployments
- Ensure compliance with DoD and DAF directives (e.g., STIGs, RMF, ATO)
- Provide operational support including incident response and tiered ticket troubleshooting
- Support RBAC/ABAC implementation and ICAM Federation compliance requirements
- Provide support during a 3-month contract (Sept–Dec 2025) with strong possibility of extension through June 2026
- Up to 10% travel required (Continental US)
Requirements
- 7+ years Development & DevSecOps experience w/ Bachelors or additional relevant experience
- US Citizenship & Eligibility to obtain a US Secret Clearance
- 2+ years experience with Keycloak, including realm configuration, protocol integrations (OIDC/SAML), and custom theming
- 3–5 years of Java development experience, ideally from a software engineering background
- 2–5 years experience with scripting and automation using Python, Bash, or similar
- 3–5 years experience designing and deploying Kubernetes-based solutions
- Experience with CI/CD pipelines, containerization, and secure DevSecOps practices
- Familiarity with DoD compliance requirements, such as ATO, STIGs, FedRAMP
- Desired: Experience with CAC authentication, PIV tokens, and client-side PKI certificate handling
- Desired: Experience working in AWS environments (CLI and SDK)
- Desired: Okta experience (especially Federation Practice Statement development and migration from Keycloak)
- Desired: Experience with ATO/accreditation processes
- Desired: Familiarity with scanning and compliance tools like RMF, ACAS, twistlock, PrismaCloud
- Proven ability to work across multi-tenant identity services, supporting thousands of users and integrating with microservices
- Ability to support RBAC/ABAC implementation and ICAM Federation compliance requirements
Benefits
- comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
- flexible time off benefit
- competitive compensation
- benefits and learning and development opportunities
- robust learning resources to make your ambitions a reality
- flexible work arrangements (Remote (Any State))
ATS Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
DevSecOpsKeycloakOIDCOAuth2SAMLKubernetesJavaPythonBashCI/CD
Soft skills
incident responsetroubleshootingcollaborationcommunicationproblem-solving
Certifications
US Secret Clearance
Similar jobs on JobTailor
MuleSoft Architect
Green Irony
AWSAzureCloudDNSJavaJavaScriptJenkinsKafkaMavenNode.jsSplunkTerraform
Security Engineer, Product and Production Infrastructure
Wiz
AWSAzureCloudGoGoogle Cloud PlatformKubernetesPythonTerraform
Executive Director, Cloud Operations and Infrastructure
Syneos Health
AWSAzureCloudKubernetesLinuxOracleSQL
Senior IAM and Backend Engineer, Keycloak, Spring Boot
InnovationTeam
CloudDockerJavaJenkinsKafkaKubernetesLinuxMicroservicesMongoDBPostgresRealmRedis+3 more