Leidos has an opening for a Product Manager supporting Enterprise Identity, Credential, and Access Management (IDAM) within the U.S. Air Force Cloud One Architecture & Common Shared Services (ACSS) program. Under Cloud One ACSS, the Leidos team delivers enterprise cloud architecture, foundational shared services, and secure platform capabilities enabling mission systems across multi-cloud and hybrid environments.

The Enterprise IDAM Product Manager will define and manage identity services that span AWS, Azure, GCP, Oracle Cloud Infrastructure (OCI), and hybrid/on-premises environments. This role ensures identity architecture aligns with DoD Zero Trust strategy, supports Impact Levels (IL2–IL6), and enables secure, seamless access to mission systems across classified and unclassified domains.

You will work closely with cybersecurity architects, cloud platform engineers, network teams, and government stakeholders to implement enterprise-grade identity federation, privileged access management, role-based access control, and continuous monitoring solutions that form the foundation of Zero Trust architecture.

Ideal candidates will have the ability to travel to the Tewksbury, MA area as needed.

Primary Responsibilities:

• Enterprise Identity Strategy & Roadmap.

• Support and maintain the product vision and roadmap for cross-cloud IDAM services within Cloud One ACSS.

• Align identity services with Department of the Air Force Zero Trust Architecture and DoD Enterprise Identity Strategy.

• Enable standardized identity patterns for multi-cloud and hybrid environments.

• Ensure interoperability across AWS IAM, Azure Entra ID, GCP IAM, OCI IAM, and on-prem Active Directory services.

• Identity Federation & Access Governance

Lead lifecycle management of enterprise identity services including:

• Single Sign-On (SSO).
  -Multi-Factor Authentication (MFA).
  -Role-Based Access Control (RBAC).
  -Attribute-Based Access Control (ABAC).
  -Privileged Access Management (PAM).

• Enable federation using SAML, OAuth 2.0, OpenID Connect, and cross-domain identity brokers.

• Support centralized identity governance and lifecycle management.

• Define policies for least privilege access and just-in-time elevation.

Zero Trust & Continuous Verification:

• Support implementation of Zero Trust principles including identity-centric access controls.

• Integrate conditional access policies and risk-based authentication.

• Enable device trust and identity verification mechanisms.

• Ensure identity telemetry feeds into enterprise security monitoring and SIEM platforms.

• Compliance, RMF & Security Integration:

• Ensure identity services comply with RMF, FedRAMP High, DoD SRG, DISA STIGs, and NIST 800-53 controls.

• Support identity components required for IL2–IL6 environments.

• Partner with cybersecurity teams to maintain ATO posture and continuous monitoring compliance.

• Develop audit logging and identity monitoring frameworks.

Hybrid & Cross-Domain Integration:

• Enable identity synchronization between cloud and on-prem environments.

• Support integration with DoD PKI and CAC authentication.

• Facilitate cross-domain identity solutions where applicable.

• Ensure compatibility with classified and mission partner environments.

Stakeholder Engagement & Governance:

• Serve as primary liaison between government leadership, cybersecurity stakeholders, and cloud platform teams for IDAM capabilities.

• Translate mission requirements into prioritized identity services and backlog features.

• Conduct executive briefings on identity risk posture, compliance status, and roadmap evolution.

• Participate in architecture review boards and Integrated Product Teams (IPTs).

Documentation & Enterprise Communication

Develop and maintain:

• Identity reference architectures,
  -Access governance policies.
  -Federation implementation guides.
  -Compliance documentation artifacts.

• Publish enterprise identity standards and integration patterns.

• Maintain transparency on service maturity and security posture.

Basic Qualifications:

• Bachelor’s degree and 8+ years of experience in identity management, cybersecurity, enterprise IT or a Masters with 10+ years of applicable experience.

• 3+ years of experience in product management.

• Active DoD Secret clearance required; Top Secret preferred.

• DoD 8570.01 IAT Level II certification required prior to onboarding.

• 3+ years of experience implementing enterprise IDAM solutions.

• Experience supporting identity services in multi-cloud and hybrid environments.

Strong understanding of:

• SAML, OAuth 2.0, OpenID Connect.

• RBAC and ABAC models.

• Federation and cross-account identity models.

• Privileged Access Management.

• CAC/PKI authentication integration.

• Experience supporting RMF and IL4/IL5 ATO processes.

• Experience operating in Agile and Dev Sec Ops environments.

• Strong executive-level communication skills.

Required Certifications:

• Certified Information Systems Security Professional (CISSP) or equivalent.

• Certified Identity and Access Manager (CIAM) or similar credential.

• Certified Scrum Product Owner (CSPO) or equivalent.

• SAFe Product Owner/Product Manager (POPM) or Agile certification.

• Preferred Certifications:

• Microsoft Identity and Access Administrator Associate.

• AWS Security Specialty.

• Google Cloud Professional Security Engineer.

• Oracle OCI Security Professional.

• Certified Information Security Manager (CISM).

• ITIL v4.

• PMP Certification.

Preferred Experience:

• Experience supporting Cloud One or DoD Enterprise Cloud programs.

• Experience implementing Zero Trust architectures in regulated environments.

• Experience with enterprise IAM tools such as Okta, Ping, Sail Point, Cyber Ark, or similar.

• Experience integrating identity telemetry into SIEM or SOAR platforms.

• Experience supporting cross-domain or classified identity environments.

• Desired Attributes:

• Strategic thinker with strong understanding of Zero Trust principles.

• Strong collaborator across cybersecurity, networking, and cloud engineering teams.

• Risk-aware decision maker focused on secure-by-design identity architecture.

• Comfortable operating in high-visibility, mission-critical DoD programs.

C1NACSS

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

March 13, 2026

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $107,900.00 - $195,050.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.