IAM profile

Key Responsibilities

• Administer and maintain PingFederate instances (on-prem/cloud), ensuring high availability and performance.
• Design and implement SSO solutions using SAML 2.0, OAuth 2.0, and OIDC protocols.
• Develop and manage authentication policies, identity mappings, and token processors/issuers.
• Integrate applications (internal, third-party, and cloud-based) into PingFederate for secure federated login.
• Collaborate with the Ping Access, Ping Directory, and Ping One teams on cross-platform identity solutions.
• Build and maintain connection templates, token validators, and assertion creation rules.
• Work with developers and architects to support API security and token-based auth patterns.
• Perform troubleshooting and debugging of SSO and federation issues (SAML assertions, OIDC tokens).
• Keep documentation, runbooks, and configurations up to date and version-controlled.
• Provide support and guidance during migrations, upgrades, and disaster recovery events.
• Ensure compliance with security policies, audit requirements, and best practices.

Required Skills & Experience

• 5+ years of experience in IAM with hands-on PingFederate exposure.
• Solid understanding of identity federation, SSO, and authentication protocols:
• SAML 2.0, OAuth 2.0, OpenID Connect
• Experience creating and managing:
• SP/IdP connections
• Authentication policies and adapters
• Token management and attribute mapping
• Proficiency in Groovy scripting, JSON, XML, PowerShell, and policy design.
• Experience troubleshooting SSO issues using tools like SAML tracer, Fiddler, Postman, etc.
• Familiarity with Active Directory, LDAP, SCIM, and general directory services.
• Strong grasp of secure authentication and token lifecycle.
• Ability to work in Linux/Unix environments and use CLI tools.

Preferred / Nice-to-Haves

• Exposure to PingAccess, PingDirectory, or PingOne Advanced Services.
• Familiarity with DevOps tools (e.g., Git, Jenkins, Docker) and CI/CD pipelines.
• Working knowledge of Zero Trust and passwordless authentication frameworks (FIDO2/WebAuthn).
• Previous experience integrating PingFederate with apps like Salesforce, AWS, ServiceNow, Workday, etc.
• Basic understanding of cloud identity platforms (Azure AD, Okta, ForgeRock, etc.).

Soft Skills That Make You a Standout

• Detail-oriented with strong problem-solving instincts.
• Strong communication skills you ll be interfacing with developers, security teams, and stakeholders.
• Proactive mindset with ability to own systems end-to-end.