
Senior IAM Engineer Identity Broker Architect

Job in Silver Spring, Montgomery County, Maryland, 20900, USA
Listing for: T and T Consulting Services, Inc.
Full Time, Seasonal/Temporary position
Listed on 2026-01-15
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 125000 - 150000 USD Yearly
Job Description & How to Apply Below

Overview

Join to apply for the Senior IAM Engineer Identity Broker Architect role at T and T Consulting Services, Inc.

Project Overview:
We are seeking a Senior Identity & Access Management (IAM) Engineer / Identity Broker Architect to lead the design and implementation of the Logbook Identity Management Broker for OpenID (LIMBO) for NOAA. LIMBO will serve as a mission-critical identity broker enabling secure authentication for NOAA employees (via ICAM) and public users (via Login.gov), while preserving authorization and permit data stored in multiple legacy systems.

This role requires deep hands-on experience with OIDC and SAML 2.0, building authentication platforms at scale, and operating in a federal environment with CAC/PIV, MFA, and NIST-aligned requirements.

You will drive architecture, system build, integrations, security compliance, automated testing, and support for multiple mobile applications used across the U.S. fishing industry.

Responsibilities
  • Identity Broker Development:
    Design and build the LIMBO identity broker that supports:
  • OIDC Authorization Code Flow with PKCE (S256)
  • JWT access tokens signed with RS256
  • Standard OIDC endpoints: /authorize, /token, /userinfo, /jwks, /.well-known/openid-configuration
  • Implement SAML 2.0 Service Provider capabilities including:
    Signed assertions and responses, HTTP Redirect & POST bindings, Metadata import/export, Configurable SAML attribute/OIDC claim mapping
  • Federal Identity Provider Integrations:
    Integrate with NOAA ICAM to enable CAC/PIV authentication for NOAA staff;
    Integrate with NOAA's Login.gov federation broker for public user authentication.
  • Legacy System Integrations:
    Build secure APIs and UI flows to link Login.gov identities with existing legacy systems (PIMS via validation-code workflow, GARFO Certify REST API), and store/maintain user-to-permit associations with permit-access revocation workflows.
  • Architecture, Testing & Deployment:
    Design relational database schema to preserve identity and authorization data; implement automated unit, integration, and load tests; deliver containerized builds that meet NMFS OCIO standards; provide documentation, training, and post-deployment support; collaborate with ECL development teams and NOAA operations staff.
Qualifications
  • Identity & Authentication
  • 5-8+ years backend engineering experience, including 3+ years in IAM
  • Expert-level knowledge of:
    OpenID Connect (OIDC), OAuth 2.0 / 2.1, SAML 2.0 federation, PKCE, JWT/JWS/JWKS, RS256 signing
  • Experience building or customizing:
    Identity brokers, Authorization servers, SAML SP integrations
  • Backend Engineering
  • Experience with at least one modern backend stack:
    Java (Spring Boot) or Node.js (NestJS or Express)
  • Additional Backend Requirements
  • REST API design and secure credential handling
  • Relational databases (PostgreSQL/MySQL) - schema design, migrations
  • Docker containerization and CI/CD pipelines
  • Automated testing frameworks (JUnit, Jest, Mocha, Postman/Newman, etc.)
  • Security & Compliance
  • Experience in federal or regulated environments
  • Understanding of CAC/PIV, MFA, FedRAMP/NIST 800-63 guidelines
  • Preferred Qualifications
  • Integration experience with ICAM, Login.gov, Azure AD or similar
  • Experience supporting mobile/PWA apps using OIDC login
  • Familiarity with Appian-based systems (e.g., PIMS)
  • Experience with large-scale identity consolidation or migration projects
  • Soft Skills
  • Ability to document technical work for federal stakeholders, strong communication and collaboration skills
  • Ability to lead architecture discussions and mentor junior engineers
  • Comfortable working independently with distributed teams
What We Provide
  • Opportunity to build a mission-critical authentication platform supporting NOAA's regulatory programs and the U.S. fishing industry
  • Work on modern identity standards and federal-grade security architecture
  • Collaborative environment with NOAA, NMFS, and ECL development teams
  • Long-term engagement potential on future modernization efforts

Benefits: Competitive benefits package including health, dental, vision, life insurance coverage, 401(k) plan, training programs, accrued paid time off (PTO), performance-based monthly & quarterly awards, paid holidays and customer kudos rewards.

Equal Opportunity Employer/Veterans/Disabled

EEO & Seniority
  • Seniority level:
    Mid-Senior level
  • Employment type:
    Full-time
  • Job function:
    Information Technology
  • Industries: IT Services and IT Consulting


Position Requirements
10+ Years work experience