Ping Identity Engineer

Job Description: IAM Ping Identity Engineer (Contract)

Location: Remote, US-based (must be authorized to work in the United States)
Engagement Type: Independent Contractor / W2 Contract
Duration: 6 months, with potential to extend
Industry: Financial Services

About the Role

We are looking for an experienced IAM Ping Identity Engineer to join a large financial services organization on a contract basis. You will work within a mature, compliance-driven environment to support the design, implementation, and ongoing operations of the organization's identity and access management infrastructure. This role is well-suited for someone who has hands-on Ping product experience and is comfortable operating under the governance and change management standards typical of regulated industries.

Key Responsibilities

• Design, configure, and maintain Ping Identity solutions including PingFederate, PingAccess, and PingDirectory
• Administer and troubleshoot SSO, federation, and authentication integrations across enterprise applications
• Support OAuth 2.0, OIDC, and SAML-based integrations with internal and external service providers
• Participate in the full IAM lifecycle including onboarding, access provisioning, and deprovisioning workflows
• Collaborate with application teams, security architects, and infrastructure teams to integrate applications with the Ping ecosystem
• Maintain documentation for configurations, runbooks, and change requests in alignment with change management policies
• Assist with audits, compliance reviews, and evidence gathering for regulatory requirements (SOX, PCI-DSS, or similar)
• Identify and remediate security vulnerabilities or misconfigurations within the IAM environment
• Support incident triage and resolution for authentication and access-related issues

Required Qualifications

• 4-7 years of experience in Identity and Access Management
• 3+ years of hands-on experience with Ping Identity products (PingFederate required; PingAccess and PingDirectory a strong plus)
• Solid understanding of federation protocols: SAML 2.0, OAuth 2.0, and OIDC
• Experience working in regulated environments such as financial services, healthcare, or government
• Familiarity with LDAP/Active Directory and directory services integration
• Working knowledge of MFA solutions and adaptive authentication policies
• Experience with change management processes and operating within ITSM frameworks (ServiceNow or equivalent)
• Ability to work independently and manage deliverables with limited day-to-day supervision

Preferred Qualifications

• Ping Identity certifications (PingFederate Engineer, etc.)
• Experience with CyberArk, SailPoint, or other PAM/IGA platforms
• Exposure to cloud IAM patterns (AWS IAM, Azure AD/Entra ID)
• Scripting or automation experience (Python, PowerShell, or Bash) for IAM workflows
• Familiarity with SOX, PCI-DSS, or FFIEC compliance frameworks

Contractor Requirements

• Must be based in the United States and authorized to work without sponsorship
• Must be able to pass a background check, including financial background screening
• Corp-to-Corp (C2C) or W2 engagements considered; no third-party C2C without prior approval