Interview : Video
Visa : USC, GC
This is hybrid from day-1 ( Need local candidates )
Description :
We are seeking a skilled Identity and Access Management (IAM) Engineer with expertise in Ping Identity or Okta solutions. The ideal candidate will focus on securing user authentication, authorization, and access control within the organization. This role requires deep knowledge of SSO, MFA, identity federation, and cloud security integration while ensuring compliance with industry standards.
Principal Duties & Responsibilities - Takes a lead role in mapping security standards to technical solutions in support of business needs.
- Works with project teams, architects, and constituents to design and implement security solutions in support of corporate information security policy, regulatory requirements, and security best practices.
- Works as part of the development team to maintain the security and regulatory compliance of systems architected, built, installed, and used by the company.
- Research, analyses, and recommends the implementation of software or hardware changes to rectify any infrastructure security deficiencies or to enhance security performance.
- Conducts research on emerging products, services, protocols, and standards in support of security enhancement and development efforts; tests new security software and/or technologies.
- Provides ongoing engineering support for security systems including firewalls, virus protection systems, Web filters, computer forensic systems and network, and host-based intrusion detection and prevention systems
- Creates audits, and reports the enforcement of policies, procedures and associated plans for system security administration, and user-system access as defined by company standards.
- Contributes to the design and implementation of the disaster recovery plans for security of the company's computer systems, databases, networks, servers, and software applications
Identity and Access Management (IAM) Engineering - Implement and configure Single Sign-On (SSO) solutions using PingFederate, Ping Access, Okta SSO, or Okta Workforce Identity.
- Manage and optimize Multi-Factor Authentication (MFA) for enhanced security.
- Handle identity federation with SAML, OAuth, OIDC, and other authentication protocols. Cloud Security & Integration
- Integrate Okta or Ping Identity with cloud platforms like AWS, Azure, or Google Cloud.
- Configure API security using Ping One or Okta's API Access Management. User Lifecycle Management
- Automate user provisioning and deprovisioning with SCIM and directory services such as Active Directory, LDAP.
- Implement and manage role-based access control (RBAC) and attribute-based access control (ABAC). Troubleshooting & Support
- Diagnose and resolve authentication and access-related issues.
- Monitor IAM logs and collaborate with SIEM tools for security auditing and incident response. Policy and Compliance
- Ensure compliance with security standards like SOC2, HIPAA, PCI-DSS, and NIST.
- Implement Zero Trust security frameworks using Okta Identity Engine or Ping Identity solutions. Required Qualifications:
- 3+ years of experience in IAM engineering with Okta or Ping Identity.
- Strong knowledge of SSO, MFA, identity federation (SAML, OAuth, OIDC).
- Hands-on experience with directory services (Active Directory, LDAP, SCIM).
- Experience integrating IAM solutions with AWS, Azure, and Google Cloud.
- Familiarity with Zero Trust architecture and security best practices.
- Understanding of compliance frameworks such as SOC2, HIPAA, PCI-DSS, NIST.
- Proficiency in scripting/automation (Python, PowerShell, or similar languages) is a plus.
Preferred Certifications and Education - Okta Certified Consultant/Administrator
- Ping Identity Certified Specialist
- CISSP, CISM, or other security certifications (preferred).
- Bachelor's degree in information security, Computer Science, Information Systems, or a related field
- Eight or more years' experience in information security, engineering, or professional related work experience
- Advanced knowledge of multiple security technologies (firewalls, IPS, DLP, antimalware, proxies, WAF, etc.)