Our client is strengthening its digital identity capabilities and is looking for an Identity Platform Engineer to design and operate its IAM ecosystem based on Ping Identity technologies (PingFederate / PingOne AIC). Positioned at the intersection of Security, Development, and Operations, the role focuses on building a scalable and automated identity platform where application onboarding is driven by code rather than manual configuration. The engineer will translate complex business requirements into secure, maintainable, and automated identity solutions.
Design and configure complex SAML 2.0 and OpenID Connect (OIDC) integrations for applications (legacy and SaaS)
Build and maintain custom Authentication Journeys and policies within the IAM platform
Develop JavaScript logic (ES6+) in scripted nodes to manage dynamic authorization and user flows
Automate application onboarding and lifecycle management using Identity-as-Code (IdaC) principles
Implement and maintain IAM configurations using tools such as Terraform, Pulumi, or StackGuardian
Manage attribute mapping, policy contracts, and identity data transformations
Integrate IAM configurations into CI/CD pipelines with automated testing and deployment
Act as a technical advisor to application owners on OAuth 2.0 flows (e.g., PKCE) and integration strategies
Proven experience with PingFederate or PingOne Advanced Identity Cloud (AIC) / ForgeRock
Strong expertise in IAM core concepts: SSO, MFA, RBAC/ABAC, Token Management
In-depth knowledge of SAML, OAuth 2.0, and OIDC
Proficiency in JavaScript (ES6+), REST APIs, and JSON
Ability to translate business requirements into technical authentication journeys and policies
Experience with Terraform or Pulumi
Familiarity with StackGuardian
Experience integrating IAM into CI/CD environments
Strong troubleshooting skills in token analysis and authentication flows
N/A
