Sr Security Engineer (PingOne)
Role details
Job location
Tech stack
Job description
Our client seeks a Sr Security Engineer to serve as the senior technical expert for a Customer IAM platform with a primary focus on PingOne cloud identity services. The role will lead administration, integrations, policy design, troubleshooting, and operational visibility while supporting migration of external customer-facing portals to the new platform. The engineer will guide stakeholders, document configurations, and enable training and onboarding for a production migration later this year., + Serve as senior technical expert for Customer IAM with primary ownership of PingOne cloud identity services.
-
Design, install, configure, integrate, and support systems and integrations for the strategic IAM program.
-
Lead administration of PingOne tenants, including configuration, policy design, and platform optimization.
-
Design and implement SSO, OAuth 2.0, and OIDC integrations for enterprise and customer-facing applications.
-
Configure and manage access policies, authentication flows, and risk-based policies within PingOne.
-
Support user lifecycle management, including provisioning, deprovisioning, and identity synchronization.
-
Develop and maintain reporting, metrics, monitoring, and operational visibility for PingOne.
-
Troubleshoot complex and critical CIAM services and resolve issues in mission-critical environments.
-
Partner with stakeholders, Security Architecture, and IT teams to onboard applications into PingOne.
-
Produce and maintain documentation for configurations, integrations, and operational procedures.
-
Assist with migration of external customer portals to the new platform and enable training and onboarding.
Requirements
Due to client requirements, applicants must be willing and able to work on a w2 basis. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance., + 5 to 8 years of information security engineering or equivalent experience.
-
Hands-on administration and support of PingOne.
-
Experience with SSO implementations including SAML, OAuth 2.0, and OIDC, and identity federation and authentication flows.
-
Risk-based authentication and policy configuration.
-
User lifecycle and identity data management.
-
Understanding of IAM architecture and integration patterns across cloud and on-prem environments.
-
Proficiency with security technologies such as encryption, network security controls, and system hardening.
-
Experience in complex enterprise environments with distributed systems.
-
Knowledge of network security in multi-protocol environments including TCP/IP, IPSEC, SSL, and HTTP.
-
Experience troubleshooting authentication and identity-related issues across multiple systems.
-
Understanding of change management and version control processes.
-
Preferred: deep PingOne expertise, CIAM or workforce IAM experience, API-based integrations and identity orchestration, scripting or automation with tools such as PowerShell or APIs, relevant certifications such as CISSP, CISM, or Security+.
Education Requirements:
Bachelor's degree in Computer Security, Computer Science, Engineering, or related field, or equivalent experience.
Recruitment Transparency Notice
Benefits & conditions
Eliassen Group values transparency in our recruitment practices. Please be advised that Eliassen Group utilizes artificial intelligence (AI) tools as part of its initial application screening** and hiring process. You may receive email and SMS notifications from the Eliassen Virtual Recruiting Team ( noreply@eliassen.com **, 781-808-2924) inviting you to complete a brief voice screening as part of your application process. These tools assist our hiring teams in different ways, including but not limited to, assistance in reviewing application materials to help identify candidates whose qualifications most closely match the requirements of the position. All AI-assisted evaluations and responses are reviewed by human recruiters before any hiring decisions are made. The use of AI in our process is intended to support fairness, efficiency, and consistency, and Eliassen Group takes measures to prevent bias or discrimination in connection with its hiring practices. By proceeding, you acknowledge, agree, and consent to Eliassen Group's use of these tools, including AI tools, as part of the application and hiring process.
Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range.
W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality.
If anyone reaches out to you about an open position connected with Eliassen Group, please ensure that you are working directly with us by confirming the following:
· When you work with Eliassen Group, all email communication will come from an Eliassen.com address, never Gmail, Yahoo, etc.