We are seeking a highly experienced Senior CIAM Architect with deep expertise in Ping Identity technologies to lead the design, engineering, integration, and support of enterprise-scale customer identity and access management platforms. This role requires strong hands-on experience across federation, authentication, directory services, security, PKI, infrastructure, and automation, with the ability to drive architecture decisions and resolve complex production issues in high-scale environments.

·      Lead the architecture, design, implementation, and support of enterprise CIAM solutions using Ping Identity products.

·      Own end-to-end solution design for customer authentication, federation, authorization, and directory integration use cases.

·      Design scalable and secure authentication platforms capable of supporting large user populations and high transaction volumes.

·      Implement and optimize SSO, MFA, OAuth, OIDC, and federation flows for enterprise and customer-facing applications.

·      Drive integration with downstream applications, identity providers, APIs, directories, and security infrastructure.

·      Lead production issue resolution for complex authentication, federation, token, certificate, and directory-related problems.

·      Collaborate with infrastructure, network, security, application, and DevOps teams to ensure resilient and secure identity services.

·      Define engineering standards, deployment patterns, operational runbooks, and best practices for CIAM platform support.

·      Provide technical leadership to engineering teams, review solution designs, and mentor junior team members.

·      Support modernization initiatives including cloud adoption, automation, and observability for identity platforms.

 Infrastructure

Candidate must have hands-on experience with:

Candidate should be able to independently troubleshoot:

·      15+ years of experience in Identity and Access Management (IAM) / Customer Identity and Access Management (CIAM).

·      8+ years of strong hands-on experience with Ping Identity product suite, especially PingFederate, PingDirectory, PingAccess, and PingOne.

·      Proven experience designing and supporting enterprise-scale customer authentication platforms; experience with 10M+ user environments is strongly preferred.

·      Strong expertise in authentication and federation standards including SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), and JWT technologies.

·      Deep hands-on expertise in PingFederate administration, SSO integrations, token exchange, authentication policies, selectors, adapters, and OAuth/OIDC troubleshooting.

·      Experience with PingDirectory administration, LDAP integrations, directory operations, replication, performance tuning, and troubleshooting.

·      Good understanding of PingAccess for application access control, policy enforcement, and secure application integration.

·      Strong hands-on experience with SSL/TLS certificates, certificate renewals, keystore and truststore management, JKS/PKCS12 handling, CSR generation, CA chains, and mutual TLS.

·      Solid knowledge of Linux administration, networking fundamentals, DNS, load balancers, reverse proxies, and firewall concepts.

·      Experience working in cloud environments, preferably AWS.

·      Hands-on exposure to CI/CD pipelines, Git, Jenkins, Terraform, and monitoring or observability tooling.

·      Strong troubleshooting skills across federation, OAuth, token validation, LDAP connectivity, directory replication, certificate chain issues, latency, routing, and production incidents.

·      Ping Identity certifications such as Ping Identity Certified Professional.

·      AWS certifications such as AWS Solutions Architect.

·      Experience in highly regulated, large-scale, or customer-facing enterprise environments.

·      Exposure to architecture governance, engineering leadership, and cross-functional stakeholder management.

·      Strong ownership and leadership in driving critical identity platform initiatives.

·      Ability to translate business and security requirements into robust CIAM architecture and engineering solutions.

·      Excellent analytical and problem-solving skills for high-severity production incidents.

·      Strong verbal and written communication skills with the ability to work across technical and business stakeholders.

·      Ability to operate effectively in fast-paced, high-availability production environments.