Security Architect

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Ping Identity
Good to have skills : NA
Minimum 7.5 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary:
As a L3 IAM Engineer / SME for Ping Identity Federation, a typical day involves in L3 escalations and engineering authority for enterprise federation and access
management services built on the Ping Identity platform, owning complex troubleshooting, problem management, application onboarding engineering, and change impact analysis.

Roles & Responsibilities:
- Expected to be an SME, collaborate and manage the team to perform.
- Lead L3 resolution for complex incidents impacting authentication, authorization, SSO, and federation across SAML and OIDC integrations
- Provide engineering oversight and advanced administration of PingFederate / PingOne (SSO), PingAccess, PingID, PingDirectory, PingDataSync, Ping Directory Delegated Admin, and related components
- Lead application onboarding engineering, including IdP-SP integration design reviews, SAML/OIDC configuration, certificate alignment, cutover planning, and post-go-live hypercare
- Govern and support OIDC self-service onboarding and Delegated User Admin (DUA) group management models and operational transitions
- Perform configuration and change impact analysis for federation platform changes, ensuring adherence to architecture standards and change governance
- Lead upgrade, patching, and fix deployments, including planning, pre/post validation, and production readiness sign-off
- Coordinate with Ping OEM for advanced troubleshooting, defect resolution, and patch or fix planning
- Maintain platform configuration history, operating procedures, and technical documentation, and contribute to SLA/KPI reporting inputs
- Support annual disaster recovery and enterprise recovery testing activities where required

Professional & Technical Skills:
- Must To Have Skills: Proficiency in Ping Identity.
- 8+ years of experience in enterprise federation and access management services
- Strong knowledge of identity and access management principles and technologies.
- Strong engineering experience across the Ping Identity suite (PingFederate, PingAccess, PingID, PingDirectory, PingDataSync)
- Advanced troubleshooting expertise in SAML and OIDC federation, authentication, and authorization flows
- Proven experience with complex IdP-SP integrations and enterprise-scale application onboarding
- Strong understanding of controlled change execution, validation testing, and production IAM operations

Additional Information:
- The candidate should have minimum 5 years of experience in Ping Identity
- Mandatory: Ping Identity certification aligned to federation and access management, covering PingFederate and PingAccess
- Recommended: PingDirectory certification where directory services are in scope
- This position is based at our Bengaluru office.
- A 15 years full time education is required