Senior CIAM Architect, Ping Identity

Job Summary

Required Qualifications

• 15+ years of experience in Identity and Access Management (IAM) / Customer Identity and Access Management (CIAM)
• 8+ years of strong hands-on experience with Ping Identity product suite (PingFederate, PingDirectory, PingAccess, PingOne)
• Proven experience designing and supporting enterprise-scale customer authentication platforms (10M+ users preferred)
• Strong expertise in SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), and JWT technologies
• Hands-on expertise in PingFederate administration, SSO integrations, token exchange, authentication policies, adapters, and OAuth/OIDC troubleshooting
• Experience with PingDirectory administration, LDAP integrations, directory operations, replication, and troubleshooting
• Good understanding of PingAccess for application access control
• Strong hands-on experience with SSL/TLS certificates, keystore/truststore management, JKS/PKCS12 handling, CSR generation, CA chains, and mutual TLS
• Solid knowledge of Linux administration, networking fundamentals, DNS, load balancers, reverse proxies, and firewall concepts
• Experience with cloud environments, preferably AWS
• CI/CD pipelines, Git, Jenkins, Terraform, and monitoring/observability tools
• Strong troubleshooting skills across federation, OAuth, token validation, LDAP connectivity, directory replication, certificate chain issues, latency, routing, and production incidents