Job Title: Senior IAM Engineer - ForgeRock & Ping Identity

Experience Required

10+ Years

Job Summary

We are seeking a highly experienced Senior IAM Engineer with deep expertise in ForgeRock Identity Platform, Ping Identity, and Java-based IAM integrations. The ideal candidate will be responsible for designing, implementing, customizing, and supporting enterprise Identity and Access Management (IAM) solutions, including authentication, authorization, user lifecycle management, and directory services.

The role requires strong hands-on experience with ForgeRock OpenAM, OpenIDM, OpenDJ, Identity Gateway (IG), LDAP, Java/J2EE development, and modern authentication technologies such as WebAuthn.

Key Responsibilities

Identity & Access Management

• Design, implement, and maintain enterprise IAM solutions using ForgeRock products.
• Configure and manage authentication, authorization, SSO, MFA, and identity federation solutions.
• Support identity governance, user lifecycle management, and access management initiatives.
• Ensure IAM solutions meet security, compliance, and business requirements.

ForgeRock Administration & Development

• Install, configure, upgrade, and maintain ForgeRock components:
  • OpenAM (Access Management)
  • OpenIDM (Identity Management)
  • OpenDJ (LDAP Directory Services)
  • ForgeRock Identity Gateway (IG)
• Customize ForgeRock workflows, authentication journeys, and access policies.
• Develop and maintain Groovy scripts for authentication and authorization processes.
• Implement custom integrations between ForgeRock products and enterprise applications.

Java Development & Integration

• Design and develop Java/J2EE-based IAM integrations.
• Extend ForgeRock capabilities through custom Java development.
• Build REST/SOAP integrations with enterprise applications and third-party systems.
• Develop custom connectors, adapters, and APIs for identity services.

Identity Gateway & Federation

• Configure and customize ForgeRock Identity Gateway (IG).
• Implement secure access controls and policy enforcement mechanisms.
• Integrate ForgeRock with:
  • Web applications
  • APIs
  • Cloud services
  • Enterprise identity providers

User Provisioning & Directory Services

• Implement user provisioning and deprovisioning workflows using OpenIDM.
• Manage LDAP directory structures and synchronization processes.
• Configure and maintain OpenDJ and other LDAP repositories.
• Support identity data management and reconciliation processes.

Authentication & Security

• Implement modern authentication mechanisms including:
  • SSO
  • OAuth 2.0
  • OpenID Connect (OIDC)
  • SAML
  • WebAuthn
  • MFA
• Ensure security best practices are followed across IAM implementations.

Support & Troubleshooting

• Troubleshoot and resolve IAM platform issues.
• Analyze logs and performance metrics.
• Support production deployments and platform upgrades.
• Collaborate with security, infrastructure, and application teams.

Required Skills

ForgeRock Suite (Mandatory)

• ForgeRock OpenAM
• ForgeRock OpenIDM
• ForgeRock OpenDJ
• ForgeRock Identity Gateway (IG)

Identity & Access Management

• Single Sign-On (SSO)
• OAuth 2.0
• OpenID Connect (OIDC)
• SAML
• MFA
• User Provisioning / Deprovisioning

Development

• Java
• J2EE
• REST APIs
• Groovy Scripting

Directory Services

• LDAP
• OpenDJ
• Directory Synchronization

Security Technologies

• WebAuthn
• Identity Federation
• Authentication & Authorization

Preferred Skills

• Ping Identity
• PingFederate
• PingAccess
• PingOne
• ForgeRock Cloud
• Kubernetes & Docker
• DevOps & CI/CD
• Cloud IAM (AWS, Azure, Google Cloud Platform)

Required Qualifications

• 10+ years of overall IT experience.
• 5+ years of hands-on experience with ForgeRock IAM solutions.
• Strong experience in Java/J2EE development and integration.
• Experience implementing enterprise IAM and access management solutions.
• Strong understanding of LDAP directory services and identity federation.