SSO Engineer

Job Description CISO Technical Lead – SSO EngineerServices Divestiture Strategy & Execution:Drive development and execution strategies for the secure separation, migration, and integration of PingFederate instances, configurations, and associated identity stores for divested business units.Plan and implement identity federation solutions to support application access for users transitioning between organizations, ensuring minimal disruption.Manage the lifecycle of federated trusts, connections, and identity providers/service providers in the context of divestiture, including onboarding and offboarding applications. PingFederate Implementation & Management:Design, deploy, configure, and maintain high-availability PingFederate environments across various enterprise landscapes.Administer PingFederate connections, policies, adapters, selectors, and authentication methods (e.g., SAML, OAuth, OIDC).Troubleshoot complex SSO authentication, authorization, and federation issues to ensure continuous service availability. Identity & Access Integration:Integrate PingFederate with various identity stores such as Active Directory, Azure Active Directory, and LDAP directories.Collaborate with application owners to onboard new applications and migrate existing ones to the PingFederate SSO platform.Ensure seamless integration with Multi-Factor Authentication (MFA) solutions. Security & Compliance:Implement and enforce security best practices and architectural guidelines for identity federation and SSO solutions.Ensure that SSO configurations comply with corporate security policies, regulatory requirements, and data governance standards during the divestiture process.Conduct regular security reviews and vulnerability assessments of the PingFederate environment. Operational Support & Documentation:Provide expert-level support for SSO-related incidents and requests, often collaborating with cross-functional IT and security teams.Develop and maintain comprehensive documentation, architectural diagrams, runbooks, and standard operating procedures (SOPs) for the SSO infrastructure.Deliverables Secure Divestiture & Federated Identity Transition Resilient PingFederate & SSO Platform Operations Security, Compliance & Operational ExcellenceRequired Skills/Expertise Bachelor’s degree in computer science, Information Security, or a related technical field, or equivalent practical experience. 5+ years of dedicated experience in Identity and Access Management (IAM), with at least 3 years focused specifically on SSO technologies. Proficiency in designing, implementing, and managing PingFederate in large-scale enterprise environments. Understanding and hands-on experience with identity federation protocols such as SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC). Experience integrating SSO solutions with various applications and identity stores (e.g., Active Directory, Azure AD, LDAP). Proficiency in scripting languages (e.g., PowerShell, Python) for automation and administration tasks. Excellent analytical, problem-solving, and communication skills, with the ability to articulate complex technical concepts to both technical and non-technical audiences. Required: English fluency (oral and written).Salary Range: $90,000 to $115,000 per yearQualifications: BACHELOR OF COMPUTER SCIENCE