← All open roles
Ping Identity Federation Engineer
Engineer federation and access management solutions using the Ping Identity platform across enterprise clients. You'll work across PingFederate, PingAccess, PingID, and PingOne, with a focus on modernizing legacy SSO estates and integrating with modern SaaS ecosystems.
What you'll do
- Design and implement PingFederate IdP and SP integrations using SAML 2.0 and OIDC
- Configure PingAccess policies, rules, and site authenticators for application protection
- Deploy and tune PingID MFA including risk-based policies and FIDO2 authenticators
- Migrate legacy federation platforms (CA SiteMinder, Oracle Access Manager, ADFS) to PingFederate
- Build PingOne DaVinci flows for orchestration and custom user journeys
- Troubleshoot federation issues including SAML assertion decoding, token lifetimes, and clock skew
- Produce runbooks and operational documentation for client handoff
What we need from you
- 4+ years identity federation experience with at least 2 years on Ping products
- Deep expertise in SAML 2.0 and OIDC protocol mechanics and debugging
- Experience with at least two of: PingFederate, PingAccess, PingID, PingOne
- Working knowledge of Java and scripting for Ping integration customization
- US-based with unrestricted work authorization
Bonus, not required
- Ping Identity Certified Professional
- PingOne DaVinci orchestration experience
- Prior federation platform migration projects (SiteMinder, OAM, ADFS)
- Familiarity with API access management and OAuth 2.0 patterns
What you'll get
Competitive base plus utilization and performance bonuses. Paid Ping certifications and conference sponsorship.