← All open roles
Ping Identity Federation Engineer
Engineer federation and access management solutions using the Ping Identity platform across enterprise clients. You'll work across PingFederate, PingAccess, PingID, and PingOne, with a focus on modernizing legacy SSO estates and integrating with modern SaaS ecosystems.
What you'll do
- Design and implement PingFederate IdP and SP integrations using SAML 2.0 and OIDC
- Configure PingAccess policies, rules, and site authenticators for application protection
- Deploy and tune PingID MFA including risk-based policies and FIDO2 authenticators
- Migrate legacy federation platforms (CA SiteMinder, Oracle Access Manager, ADFS) to PingFederate
- Build PingOne DaVinci flows for orchestration and custom user journeys
- Troubleshoot federation issues including SAML assertion decoding, token lifetimes, and clock skew
- Produce runbooks and operational documentation for client handoff
What we need from you
- 4+ years identity federation experience with at least 2 years on Ping products
- Deep expertise in SAML 2.0 and OIDC protocol mechanics and debugging
- Experience with at least two of: PingFederate, PingAccess, PingID, PingOne
- Working knowledge of Java and scripting for Ping integration customization
- US-based with unrestricted work authorization
Bonus, not required
- Ping Identity Certified Professional
- PingOne DaVinci orchestration experience
- Prior federation platform migration projects (SiteMinder, OAM, ADFS)
- Familiarity with API access management and OAuth 2.0 patterns
What you'll get
Competitive base plus utilization and performance bonuses. Full medical, dental, vision, 401(k) with match, paid Ping certifications, and conference sponsorship.