Ping Federate Engineer Key Responsibilities • Administer and maintain PingFederate instances (on-prem/cloud), ensuring high availability and performance. • Design and implement SSO solutions using SAML 2.0, OAuth 2.0, and OIDC protocols. • Develop and manage authentication policies, identity mappings, and token processors/issuers. • Integrate applications (internal, third-party, and cloud-based) into PingFederate for secure federated login. • Collaborate with the PingAccess, PingDirectory, and PingOne teams on cross-platform identity solutions. • Build and maintain connection templates, token validators, and assertion creation rules. • Work with developers and architects to support API security and token-based auth patterns. • Perform troubleshooting and debugging of SSO and federation issues (SAML assertions, OIDC tokens). • Keep documentation, runbooks, and configurations up to date and version-controlled. • Provide support and guidance during migrations, upgrades, and disaster recovery events. • Ensure compliance with security policies, audit requirements, and best practices. Required Skills & Experience • 3–5+ years of experience in IAM with hands-on PingFederate exposure. • Solid understanding of identity federation, SSO, and authentication protocols: • SAML 2.0, OAuth 2.0, OpenID Connect • Experience creating and managing: • SP/IdP connections • Authentication policies and adapters • Token management and attribute mapping • Proficiency in Groovy scripting, JSON, XML, PowerShell, and policy design. • Experience troubleshooting SSO issues using tools like SAML tracer, Fiddler, Postman, etc. • Familiarity with Active Directory, LDAP, SCIM, and general directory services. • Strong grasp of secure authentication and token lifecycle. • Ability to work in Linux/Unix environments and use CLI tools. Preferred / Nice-to-Haves • Exposure to PingAccess, PingDirectory, or PingOne Advanced Services. • Familiarity with DevOps tools (e.g., Git, Jenkins, Docker) and CI/CD pipelines. • Working knowledge of Zero Trust and passwordless authentication frameworks (FIDO2/WebAuthn). • Previous experience integrating PingFederate with apps like Salesforce, AWS, ServiceNow, Workday, etc. • Basic understanding of cloud identity platforms (Azure AD, Okta, ForgeRock, etc.). Soft Skills That Make You a Standout • Detail-oriented with strong problem-solving instincts. • Strong communication skills—you’ll be interfacing with developers, security teams, and stakeholders. • Proactive mindset with ability to own systems end-to-end.