CISO Technical Lead SSO Engineer
Role details
Job location
Tech stack
Job description
- CISO Technical Lead - SSO Engineer Services:
- Divestiture Strategy & Execution:
o Drive development and execution strategies for the secure separation, migration, and integration of PingFederate instances, configurations, and associated identity stores for divested business units. o Plan and implement identity federation solutions to support application access for users transitioning between organizations, ensuring minimal disruption. o Manage the lifecycle of federated trusts, connections, and identity providers/service providers in the context of divestiture, including onboarding and offboarding applications.
- PingFederate Implementation & Management:
o Design, deploy, configure, and maintain high-availability PingFederate environments across various enterprise landscapes. o Administer PingFederate connections, policies, adapters, selectors, and authentication methods (e.g., SAML, OAuth, OIDC). o Troubleshoot complex SSO authentication, authorization, and federation issues to ensure continuous service availability.
- Identity & Access Integration:
o Integrate PingFederate with various identity stores such as Active Directory, Azure Active Directory, and LDAP directories. o Collaborate with application owners to onboard new applications and migrate existing ones to the PingFederate SSO platform. o Ensure seamless integration with Multi-Factor Authentication (MFA) solutions.
- Security & Compliance:
o Implement and enforce security best practices and architectural guidelines for identity federation and SSO solutions. o Ensure that SSO configurations comply with corporate security policies, regulatory requirements, and data governance standards during the divestiture process. o Conduct regular security reviews and vulnerability assessments of the PingFederate environment.
- Operational Support & Documentation:
o Provide expert-level support for SSO-related incidents and requests, often collaborating with cross-functional IT and security teams. o Develop and maintain comprehensive documentation, architectural diagrams, runbooks, and standard operating procedures (SOPs) for the SSO infrastructure. Deliverables:
-
Secure Divestiture & Federated Identity Transition
-
Resilient PingFederate & SSO Platform Operations
-
Security, Compliance & Operational Excellence
Requirements
-
Bachelor's degree in computer science, Information Security, or a related technical fi eld, or equivalent practical experience.
-
5+ years of dedicated experience in Identity and Access Management (IAM), with at least 3 years focused specifically on SSO technologies.
-
Proficiency in designing, implementing, and managing PingFederate in large-scale enterprise environments.
-
Understanding and hands-on experience with identity federation protocols such as SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC).
-
Experience integrating SSO solutions with various applications and identity stores (e.g., Active Directory, Azure AD, LDAP).
-
Proficiency in scripting languages (e.g., PowerShell, Python) for automation and administration tasks.
-
Excellent analytical, problem-solving, and communication skills, with the ability to articulate complex technical concepts to both technical and non-technical audiences.
-
Required: English fluency (oral and written)., Qualifications : BACHELOR OF COMPUTER SCIENCE
Benefits & conditions
(part of Tata group) 3.93.9 out of 5 stars Irving, TX $100,000 - $130,000 a year