Senior CIAM Architect
Olik Global · New York, NY · 3 wk ago
HybridOTHRFull-time
Role Summary
Mandatory Experience:
- 15+ years in IAM/CIAM domain
- 8+ years working with Ping Identity products
Key Responsibilities
- Lead the architecture, design, implementation, and support of enterprise CIAM solutions using Ping Identity products
- Own end-to-end solution design for customer authentication, federation, authorization, and directory integration use cases
- Design scalable and secure authentication platforms capable of supporting large user populations and high transaction volumes
- Implement and optimize SSO, MFA, OAuth, OIDC, and federation flows for enterprise and customer-facing applications
- Drive integration with downstream applications, identity providers, APIs, directories, and security infrastructure
- Lead production issue resolution for complex authentication, federation, token, certificate, and directory-related problems
- Collaborate with infrastructure, network, security, application, and DevOps teams to ensure resilient and secure identity services
- Define engineering standards, deployment patterns, operational runbooks, and best practices for CIAM platform support
- Provide technical leadership to engineering teams, review solution designs, and mentor junior team members
- Support modernization initiatives including cloud adoption, automation, and observability for identity platforms
Technical Skills
- Federation & Authentication: SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), JWT technologies
- PingFederate: Expertise in end-to-end administration, SSO integrations, token exchange, authentication policies, selectors, adapters, and OAuth/OIDC troubleshooting
- PingDirectory: Expertise in administration, LDAP integrations, directory operations, replication, performance tuning, and troubleshooting
- PingAccess: Expertise in application access control, policy enforcement, and secure application integration
- Cloud Skills: Hands-on experience with Amazon Web Services (AWS)
- Security & PKI: Hands-on experience with SSL/TLS certificates, certificate renewals, keystore and truststore management, JKS/PKCS12 handling, CSR generation, CA chains, and mutual TLS
- DevOps & Automation: Hands-on exposure to CI/CD pipelines, Git, Jenkins, Terraform, and monitoring or observability tooling
Required Qualifications
- 15+ years of experience in Identity and Access Management (IAM) / Customer Identity and Access Management (CIAM)
- 8+ years of strong hands-on experience with Ping Identity product suite, especially PingFederate, PingDirectory, PingAccess, and PingOne
- Proven experience designing and supporting enterprise-scale customer authentication platforms; experience with 10M+ user environments is strongly preferred
- Strong expertise in authentication and federation standards including SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), and JWT technologies
- Deep hands-on expertise in PingFederate administration, SSO integrations, token exchange, authentication policies, selectors, adapters, and OAuth/OIDC troubleshooting
- Good understanding of PingAccess for application access control, policy enforcement, and secure application integration
- Strong hands-on experience with SSL/TLS certificates, certificate renewals, keystore and truststore management, JKS/PKCS12 handling, CSR generation, CA chains, and mutual TLS
- Solid knowledge of Linux administration, networking fundamentals, DNS, load balancers, reverse proxies, and firewall concepts
- Experience working in cloud environments, preferably AWS
- Hands-on exposure to CI/CD pipelines, Git, Jenkins, Terraform, and monitoring or observability tooling
- Strong troubleshooting skills across federation, OAuth, token validation, LDAP connectivity, directory replication, certificate chain issues, latency, routing, and production incidents
Preferred Qualifications
- Ping Identity certifications such as Ping Identity Certified Professional
- AWS certifications such as AWS Solutions Architect
- Experience in highly regulated, large-scale, or customer-facing enterprise environments
- Exposure to architecture governance, engineering leadership, and cross-functional stakeholder management