DevOps Lead - ICAM SSO Modernization

Company Overview

Bravo Communications Services LLC is leading the Identity Credential Access Management Next Gen Single Sign On (ICAM NG SSO) program for the Department of Veterans Affairs. This program aims to modernize the VA's Single Sign-On (SSO) technology to enhance security, user experience, and operational efficiency.

Position Overview

The DevOps Lead will provide senior engineering leadership for the VA ICAM Next Generation SSO modernization effort, supporting the migration to Entra ID for SSOi and Okta for SSOe. This role drives DevSecOps automation, CI/CD modernization, cloud environment reliability, and Tier 3 support for identity‑integrated applications and services.

Responsibilities

Pipeline & Platform Engineering

• Architect, build, and optimize CI/CD pipelines supporting identity-aware services and cloud-hosted ICAM components.
• Implement Infrastructure-as-Code (Terraform) for identity platform infrastructure, app registrations, policy objects, and environment provisioning.
• Integrate automated security scanning, SBOM generation, compliance gates, and identity-specific validation checks.

Cloud & Environment Management

• Manage Azure-centric environments supporting Entra ID, Okta, and ICAM modernization workloads.
• Oversee containerization and orchestration (AKS preferred) for identity microservices, proxies, and supporting components.
• Ensure observability across identity flows using logging, monitoring, alerting, and distributed tracing.

Security, Compliance & Zero Trust Alignment

• Embed DevSecOps principles into identity-integrated pipelines and workflows.
• Ensure alignment with NIST 800-63, Zero Trust Identity Pillar requirements, FedRAMP controls, and VA-specific cybersecurity directives.
• Implement secure secrets management, identity governance patterns, and least-privilege access models across DevOps tooling.

Cross-Team Leadership & Modernization Enablement

• Collaborate with ICAM architects, onboarding teams, cybersecurity, and application owners to accelerate SSO migrations.
• Provide technical leadership and mentorship to DevOps engineers supporting ICAM modernization.
• Communicate risks, dependencies, and modernization progress to program leadership with clarity and precision.

Required Experience/Qualifications

• Strong experience supporting identity-enabled applications and SSO integrations (OIDC, OAuth2, SAML, SCIM).
• Hands-on experience with Entra ID, Okta, or equivalent enterprise identity platforms.
• Expert-level proficiency with CI/CD pipelines and Git-based workflows.
• Strong experience with Azure cloud services and IaC frameworks (Terraform preferred).
• Proven Tier 3 support experience resolving complex identity, pipeline and cloud infrastructure issues.
• Excellent communication skills with ability to translate technical detail into leadership ready insights.
• Experience leading and mentoring DevOps teams

Preferred Experience/Qualifications

• Experience supporting federal ICAM programs, ATO processes, or regulated environments.
• Familiarity with Zero Trust architectures, identity governance, and attribute-based access control (ABAC).
• Experience with service mesh, artifact repositories, and identity-aware API gateways.

Special Requirements/Security Clearance

• Ability to obtain and maintain a Public Trust