Location: Denver, CO
Salary: $65.00 USD Hourly - $75.00 USD Hourly
Description: Our client is currently seeking an Identity DevOps Engineer
Identity DevOps Engineer Location: Remote
Duration: 12+ Months
Minimum qualifications: - 5-7 years of hands-on experience in Identity and Access Management (IAM) and Cloud Infrastructure/DevOps.
- Expert-level proficiency in the Ping Identity Software suite, specifically PingFederate.
- Strong background in Java/J2EE development, with specific experience managing, troubleshooting, and migrating legacy Java-based custom adapters, custom PCVs, and data stores.
- Proven experience managing infrastructure as code (IaC) and containerized environments using Google Cloud Platform (Google Cloud Platform), GKE, Terraform, Helm charts, and Git.
- Experience building and maintaining CI/CD pipelines (e.g., Jenkins).
- Strong scripting and automation skills (Python, PowerShell, etc.).
- Ability to participate in a rotational on-call schedule and independently handle production issues.
Preferred qualifications: - Hands-on experience executing complex migrations from on-premise PingFederate to cloud-based PingOne.
- Experience with PingOne SSO, PingOne MFA, and leveraging Ping DaVinci for customized self-service flows.
- Deep knowledge of M365 SSO integrations and establishing federated trust with Entra ID (Azure AD).
- Experience expanding PingOne Protect applications and partnering with security teams to tune threat triggers.
- Familiarity with Oracle Authorization products (OIM, OAG).
- Experience partnering with QA teams to automate test script creation.
About the job: We are seeking a highly specialized Identity DevOps Engineer to take ownership of our comprehensive Single Sign-On (SSO) platform. This role operates at the intersection of deep Identity Architecture, Cloud-Native DevOps, and legacy software engineering.
You will not just be administering an IAM system; you will be architecting its future. We need a senior-level engineer capable of navigating complex, legacy Java-based custom adapters while simultaneously driving our modern infrastructure forward using Terraform, Kubernetes, and automated CI/CD pipelines. You will be instrumental in a large-scale migration from PingFederate to PingOne, requiring both strategic architectural vision and the tactical ability to write code and automate deployments.
As a core member of the team, you will balance these high-level engineering initiatives with critical operational responsibilities, acting as the ultimate point of escalation for complex user issues and ensuring the day-to-day resiliency of our global security infrastructure.
Responsibilities: - Architecture & Migration: Lead complex IAM integrations and drive the architectural strategy for migrating legacy on-premise PingFederate environments to PingOne.
- DevOps & Infrastructure: Deploy, manage, and scale IAM platforms across on-premise, hybrid, and cloud environments (Google Cloud Platform) utilizing GKE, Terraform, Helm, and Jenkins.
- Custom Development: Manage, troubleshoot, and refactor legacy Java-based custom adapters (Java/J2EE), custom PCVs, and complex data stores within the Ping ecosystem.
- Platform Enhancement: Streamline federated trust between Ping and Entra, deploy PingCentral for automation and customer self-service, and leverage DaVinci to enhance self-service MFA and password reset flows.
- Security & Threat Management: Expand PingOne Protect capabilities, improve system logging and monitoring, and oversee certificate management improvements.
- Operational Excellence: Independently handle production issues, manage day-to-day intakes and incidents, partner with the Service Desk for MFA setups, and provide robust production support on a rotational on-call basis.
Complex Escalations: Resolve advanced user experience issues spanning Active Directory, networking, and DevOps (e.g., lockouts, rogue errors, login consistency).
By providing your phone number, you consent to: (1) receive automated text messages and calls from the Judge Group, Inc. and its affiliates (collectively "Judge") to such phone number regarding job opportunities, your job application, and for other related purposes. Message & data rates apply and message frequency may vary. Consistent with Judge's Privacy Policy, information obtained from your consent will not be shared with third parties for marketing/promotional purposes. Reply STOP to opt out of receiving telephone calls and text messages from Judge and HELP for help.
Contact: This job and many more are available through The Judge Group. Please apply with us today! 
Never miss an opportunity! Create an alert based on the job you applied for.