Sr IAM Architect - Hands on Implementation Tech Lead ( ForgeRock / PING Identity )

Senior ForgeRock Architect & Implementation Lead 

• 100% REMOTE
• 3-6 months contract
• Immediate
• ForgeRock Identity Cloud is now part of PingOne Advanced Identity Cloud... The client asked for ForgeRock

Role Overview:

This role will serve as the primary expert for our Identity and Access Management (IAM) ecosystem. This role requires a blend of strategic architectural vision and deep technical "under-the-hood" implementation skills. You will be responsible for the end-to-end lifecycle of the ForgeRock platform —from gathering business requirements and designing scalable architectures to hands-on coding of custom authentication nodes and managing production deployments.

Required Skills & Qualifications

• Expertise: 8+ years of hands-on experience in IAM, with at least 5+ years specifically focused on the ForgeRock Identity Platform.
• Coding: Proficiency in Java is essential for extending platform capabilities. Strong scripting skills in JavaScript, Groovy, and Python are required for workflow and journey customization.
• Protocols: Deep mastery of identity standards: OAuth2, OpenID Connect (OIDC), SAML 2.0, JWT, and LDAP.
• Infrastructure: Solid experience with containerization (Docker/Kubernetes) and cloud-native IAM topologies.
• Soft Skills: Proven ability to translate business requirements into technical specs and lead discussions with both technical and non-technical stakeholders.

Key Responsibilities

Architectural Strategy & Design:

• Define the target solution architecture for ForgeRock (on-prem, cloud, or hybrid) including high-availability (HA) and disaster recovery planning.
• Design complex identity orchestration workflows and custom Intelligent Authentication Journeys.
• Create detailed technical blueprints, infrastructure plans, and data models specifically for ForgeRock Directory Services (DS).

Hands-on Implementation:

• Install, configure, and customize the full ForgeRock stack: Access Management (AM), Identity Management (IDM), Directory Services (DS), and Identity Gateway (IG).
• Write high-quality Java, Groovy, or JavaScript code to develop custom authentication nodes, post-authentication modules, and specialized scripts.
• Integrate ForgeRock with diverse enterprise applications, cloud providers (AWS, Azure, Google Cloud Platform), and social identity providers using protocols like SAML 2.0, OAuth2, and OIDC.

Platform Engineering & DevOps:

• Build and maintain automated CI/CD pipelines for ForgeRock configurations using tools like Terraform, Docker, and Kubernetes.
• Perform performance tuning, optimization, and root cause analysis for complex integration issues.
• Manage technical SDLC documentation, including architecture diagrams, configuration guides, and operational procedures.

Preferred Certifications

• ForgeRock Certified Access Management Specialist.
• ForgeRock Certified Identity Management Specialist.
• ForgeRock Identity Cloud Certified Professional.
• CISSP or CISM is a significant plus.