Zero Trust IGA Engineer

Zero Trust IGA Engineer Onsite Cyber-Intel Tampa, FL JOIN THE TEAM Barbaricum is a rapidly growing government contractor providing leading-edge support to federal customers, with a particular focus on Defense and National Security mission sets. We leverage more than 17 years of support to stakeholders across the federal government, with established and growing capabilities across Intelligence, Analytics, Engineering, Mission Support, and Communications disciplines. Founded in 2008, our mission is to transform the way our customers approach constantly changing and complex problem sets by bringing to bear the latest in technology and the highest caliber of talent. Headquartered in Washington, DC’s historic Dupont Circle neighborhood, Barbaricum also has a corporate presence in Tampa, FL, Bedford, IN, and Dayton, OH, with team members across the United States and around the world. As a leader in our space, we partner with firms in the private sector, academic institutions, and industry associations with a goal of continually building our expertise and capabilities for the benefit of our employees and the customers we support. Through all of this, we have built a vibrant corporate culture diverse in expertise and perspectives with a focus on collaboration and innovation. Our teams are at the frontier of the Nation’s most complex and rewarding challenges. Join our team. We are seeking an IGA Engineer to support USSOCOM’s Zero Trust execution efforts by implementing and operating SailPoint-based identity governance capabilities across NIPR, SIPR, and Top Secret networks. The Role The IGA Engineer is responsible for designing, deploying, and maintaining SailPoint Identity Governance solutions that serve as the authoritative source for identity attributes and access decisions. This role goes beyond basic provisioning and focuses on implementing lifecycle automation, access governance, and attribute-driven access control in complex, multi-enclave environments. Responsibilities Design, deploy, and maintain SailPoint IdentityNow or IdentityIQ to automate Joiner-Mover-Leaver (JML) identity lifecycle processes Define and manage identity attributes (e.g., clearance, role, COI, project codes) used to support attribute-based access control (ABAC) models Configure and execute automated access certification campaigns for privileged roles and critical systems Develop and maintain SailPoint role models, including technical and business roles, to replace static group-based access Support identity governance operations across disconnected and air-gapped environments, including Top Secret networks Ensure identity data integrity and synchronization between low-side and high-side environments Collaborate with ICAM, Zero Trust, and integration teams to ensure identity attributes are consumed correctly by downstream enforcement tools Support audit and compliance requirements related to access governance and identity lifecycle management Required Qualifications Active DoD Top Secret clearance with SCI eligibility DoD 8570 / 8140 compliant (Security+ CE or higher – IAT Level II) 5+ years of hands-on experience implementing and administering SailPoint (IdentityNow or IdentityIQ) in an enterprise environment Strong understanding of identity lifecycle management (Joiner-Mover-Leaver automation) Experience integrating SailPoint with Active Directory, LDAP, and Microsoft Entra ID Experience implementing access governance concepts, including RBAC, separation of duties (SoD), and access certification Ability to operate independently in complex, mission-critical environments Labor Category Alignment Journeyman: 3–10 years of experience; BA/BS or MA/MS Senior: 10+ years of experience; MA/MS; supports high-visibility or mission-critical program efforts and may lead others Preferred Qualifications Experience implementing Attribute-Based Access Control (ABAC) strategies Familiarity with DoD ICAM reference architectures and Zero Trust concepts Experience integrating SailPoint using REST, SCIM, or SOAP Prior experience supporting USSOCOM or other DoD organizations SailPoint Certified IdentityNow or IdentityIQ Engineer