Senior IAM Architect

3 weeks, 1 day ago
Full-time
Lead
DevOps and Infrastructure
Ping Identity

Ping Identity

Ping Identity provides cloud-based identity management software that enables organizations to secure and streamline user access to applications and data, ensuring a seamless experience for employees, partners, and customers in a digital environment.

IT Services
1K-5K
Founded 2002

Description

  • Lead the architecture, roadmap, and ongoing maturity of Ping’s internal IAM practice across workforce and customer identity domains.
  • Own the design, implementation, operation, and continuous improvement of internal identity platforms and supporting processes.
  • Serve as the internal owner of Ping’s role model, access model, and identity architecture.
  • Partner with product teams to evaluate, pilot, and adopt new Ping products and acquired capabilities.
  • Collaborate with IT, Security, HR, Engineering, Product, and other stakeholders to define identity requirements and improve processes.
  • Lead role engineering by translating business requirements into roles, permissions, and access controls.
  • Drive execution for SSO, MFA, federation, provisioning, deprovisioning, role assignment, access reviews, and exception handling.
  • Troubleshoot complex authentication, authorization, provisioning, and access issues across applications and connected systems.
  • Maintain standards, procedures, controls, reporting, and documentation for IAM operations and governance.
  • Maintain a lab and test environment to validate integrations, prototype capabilities, and trial new products before production rollout.

Requirements

  • 8+ years of experience in Identity and Access Management, including designing, implementing, and operating WIAM and CIAM environments.
  • Proven experience owning complex IAM platforms from architecture through operations in enterprise environments.
  • Experience building and maintaining DaVinci flows for WIAM and CIAM use cases.
  • Strong hands-on experience with Ping Identity products in production, including PingOne SSO, PingID, PingOne MFA, PingOne Protect, and PingFederate.
  • Strong expertise with SAML, OAuth, OpenID Connect, SCIM, LDAP, and REST-based integrations.
  • Strong troubleshooting skills across authentication, federation, access, and provisioning flows.
  • Experience defining and maintaining roles, permissions, and access models in business terms and technical systems.
  • Strong understanding of identity lifecycle processes, including joiner/mover/leaver workflows, access requests, approvals, exception handling, access removal, and periodic review.
  • Experience implementing IAM controls, reporting, and governance processes that improve auditability, risk management, and operational integrity.
  • Working knowledge of directory services, PKI/certificates, networking, system administration, and application integrations.
  • Strong written and verbal communication skills with the ability to partner across technical teams, business stakeholders, and leadership.
  • Ability to operate independently, drive change, and bring structure to a fast-moving environment.
  • Bachelor’s degree in Computer Science, Information Systems, Engineering, or a related field, or equivalent practical experience.
  • Preferred: Strong hands-on experience with PingOne Architecture and the broader Ping platform ecosystem.
  • Preferred: Experience with PingOne Authorize, PingAccess, PingDirectory, and related Ping technologies.
  • Preferred: Experience with access controls, segregation of duties, least privilege, and policy-driven authorization models.
  • Preferred: Experience with change management, release management, DevOps, platform engineering, Terraform, CI/CD, API integration, and cloud-native deployment models.

Benefits

  • Salary range of $137,000 to $180,000.
  • Flexible, collaborative work environment.
  • Generous PTO and holiday schedule.
  • Parental leave.
  • Progressive healthcare options.
  • Retirement programs.
  • Education reimbursement.
  • Commuter offset for specific locations.
  • Employee Resource Groups and regular team bonding events.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Sr. Information Systems Security Engineer III (6695)

MetroStar 251-1K IT Services

MetroStar is hiring a Sr. Information Systems Security Engineer to help design, implement, and maintain cybersecurity controls and monitoring for protecting sensitive digital assets and ensuring compliance.

Cybersecurity Encryption Splunk
1 hour, 21 minutes ago

Principal Security Engineer – GRC Team Lead (Remote Eligible)

Smartsheet 1K-5K Internet Software & Services

Smartsheet is hiring a GRC Team Lead to build and scale the technical foundation for compliance, risk management, and audit readiness across multiple security and regulatory frameworks.

AWS Azure Bash CloudFormation DevSecOps Encryption GCP HIPAA Python Terraform
1 hour, 51 minutes ago

Network Security Engineer

Kargo 251-1K Media

Kargo is hiring a Network Security Engineer to secure the company’s freight logistics platform across cloud, on-premise, and edge/IoT environments while supporting reliable operations and compliance.

AWS Cybersecurity DHCP DNS GCP Network Security Penetration Testing TCP/IP
1 hour, 51 minutes ago

Staff Security Engineer

First.cx 1-10 information technology & services

Wayve is hiring a Staff Security Engineer to advance the security framework for its internal platform and IT security engineering group, SPINE, while supporting security strategy across endpoint, identity, and internal platform environments.

Bash Linux PowerShell Python
1 hour, 51 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers