CISO Technical Lead SSO Engineer
Role details
Job location
Tech stack
Job description
- CISO Technical Lead - SSO Engineer Services:
-
Divestiture Strategy & Execution: o Drive development and execution strategies for the secure separation, migration, and integration of PingFederate instances, configurations, and associated identity stores for divested business units. o Plan and implement identity federation solutions to support application access for users transitioning between organizations, ensuring minimal disruption. o Manage the lifecycle of federated trusts, connections, and identity providers/service providers in the context of divestiture, including onboarding and offboarding applications.
-
PingFederate Implementation & Management: o Design, deploy, configure, and maintain high-availability PingFederate environments across various enterprise landscapes. o Administer PingFederate connections, policies, adapters, selectors, and authentication methods (e.g., SAML, OAuth, OIDC). o Troubleshoot complex SSO authentication, authorization, and federation issues to ensure continuous service availability.
-
Identity & Access Integration: o Integrate PingFederate with various identity stores such as Active Directory, Azure Active Directory, and LDAP directories. o Collaborate with application owners to onboard new applications and migrate existing ones to the PingFederate SSO platform. o Ensure seamless integration with Multi-Factor Authentication (MFA) solutions.
-
Security & Compliance: o Implement and enforce security best practices and architectural guidelines for identity federation and SSO solutions. o Ensure that SSO configurations comply with corporate security policies, regulatory requirements, and data governance standards during the divestiture process. o Conduct regular security reviews and vulnerability assessments of the PingFederate environment.
-
Operational Support & Documentation: o Provide expert-level support for SSO-related incidents and requests, often collaborating with cross-functional IT and security teams. o Develop and maintain comprehensive documentation, architectural diagrams, runbooks, and standard operating procedures (SOPs) for the SSO infrastructure. Deliverables:
-
Secure Divestiture & Federated Identity Transition
-
Resilient PingFederate & SSO Platform Operations
-
Security, Compliance & Operational Excellence
Requirements
- Bachelor's degree in computer science, Information Security, or a related technical fi eld, or equivalent practical experience.
- 5+ years of dedicated experience in Identity and Access Management (IAM), with at least 3 years focused specifically on SSO technologies.
- Proficiency in designing, implementing, and managing PingFederate in large-scale enterprise environments.
- Understanding and hands-on experience with identity federation protocols such as SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC).
- Experience integrating SSO solutions with various applications and identity stores (e.g., Active Directory, Azure AD, LDAP).
- Proficiency in scripting languages (e.g., PowerShell, Python) for automation and administration tasks.
- Excellent analytical, problem-solving, and communication skills, with the ability to articulate complex technical concepts to both technical and non-technical audiences.
- Required: English fluency (oral and written).