We are seeking an experienced Identity and Access Management (IAM) Architect with over 9 years of hands-on expertise in designing, implementing, and supporting IAM solutions. The ideal candidate will have deep experience with ForgeRock/Ping Identity platforms, strong knowledge of authentication and authorization technologies, and the ability to lead large-scale IAM initiatives aligned with business and security goals.
Key Responsibilities
- Design, build, configure, customize, and support IAM solutions using ForgeRock / Ping Identity components.
- Architect and implement authentication journeys using PingOne AIC (Advanced Identity Cloud) with trees and nodes.
- Develop and customize authentication, authorization, and identity workflows.
- Collaborate with business analysts and stakeholders to understand identity-related requirements and translate them into scalable IAM solutions.
- Lead application onboarding activities, ensuring secure integration with IAM platforms.
- Customize nodes and components using JavaScript, Java, and Groovy scripting.
- Design and execute IAM stack migrations and modernization initiatives.
- Act as IAM Architect on large-scale enterprise projects, providing technical leadership and guidance.
- Implement and manage federation technologies including SAML, OAuth2, and OpenID Connect (OIDC).
- Lead identity lifecycle management design and implementation efforts.
- Work extensively with:
  - PingOne AIC / ForgeRock Identity Cloud
  - OpenAM / PingAM
  - OpenDJ / PingDS
  - OpenIDM / PingIDM
  - OpenIG / PingGateway
- Define and enforce IAM best practices, policies, and standards.
- Communicate security risks, architecture decisions, and mitigation strategies to business and technical teams.
- Monitor, troubleshoot, and optimize IAM systems using tools like AppDynamics and Splunk.
- Create and maintain detailed documentation including architecture diagrams, runbooks, and operational procedures.
Required Skills & Qualifications
- 9+ years of experience in Identity and Access Management (IAM).
- Strong hands-on experience with ForgeRock / Ping Identity suite.
- Expertise in designing authentication and authorization frameworks.
- Deep knowledge of SAML, OAuth2, OpenID Connect (OIDC), and federation technologies.
- Proficiency in scripting and development using Java, JavaScript, and Groovy.
- Experience with IAM migrations and transformations.
- Proven experience as an IAM Architect in enterprise-scale environments.
- Strong understanding of identity lifecycle management.
- Experience in application integration and onboarding with IAM platforms.
- Familiarity with monitoring and logging tools such as Splunk and AppDynamics.
- Excellent communication skills with the ability to engage both technical and non-technical stakeholders.
- Experience with PingOne Advanced Identity Cloud (ForgeRock Identity Cloud).
- Knowledge of cloud platforms and IAM integration patterns.
- Certifications in ForgeRock or Ping Identity technologies.
- Experience in DevSecOps and CI/CD integration with IAM solutions.
- Strong analytical and problem-solving abilities
- Leadership and mentoring capabilities
- Effective stakeholder communication
- Documentation and presentation skills