IAM Architect (PingOne Davinci)

Role Overview

Senior Identity and Access Management (IAM) Engineer specializing in Ping Identity and AWS architecture. The role is a 50/50 mix of design and hands-on development, focused on CIAM (Customer Identity and Access Management) using Ping as the core identity infrastructure.

Responsibilities

• Design and build IAM/CIAM solutions using PingFederate, PingDirectory, and PingOne
• Implement OIDC/OAuth flows and manage secure token exchange
• Develop AWS-based architectures, including Lambda, Kafka, OpenSearch, and Terraform automation
• Onboard third-party and partner applications into CIAM
• Collaborate on PingOne DaVinci workflows and PingOne MFA integrations
• Ensure scalability, security, and monitoring of IAM systems using AWS-native tools
• Provide technical leadership and deliver solutions independently

Required Skills & Experience

• Strong hands-on experience with PingFederate, PingDirectory, and PingOne
• Familiarity with PingOne DaVinci, PingOne MFA, and PingOne Protect (risk-based)
• AWS expertise including Lambda, Kafka, OpenSearch and Terraform
• Deep understanding of OIDC/OAuth and token exchange mechanisms
• Experience building CIAM solutions and integrating external applications
• Ability to design and build complex IAM solutions from scratch
• Strong communication and problem-solving skills

Nice-to-Have

• Knowledge of PingOne Advanced Services (managed hosting)
• Experience with risk evaluation and adaptive authentication