Job Description
OPEN JOB: Senior Identity Services Engineer / PingFederate, Azure AD, Okta LOCATION: New York City, New York **The role is primarily remote, but will require occasional on-site presence; therefore, candidate should live within a commutable distance to Manhattan SALARY: $97,000 to $145,000 Full-time Full Benefits Essential Job Duties - Design, implement, and support enterprise SSO solutions (e.g., PingFederate, Azure AD, Okta)
- Maintain and enhance access management platforms and federation infrastructure
- Lead application integrations into existing SSO frameworks using SAML, OAuth2, and OIDC
- Implement and support Role-Based Access Control (RBAC) and modern authentication methods
- Support and improve authentication strategies across the organization
- Collaborate with information security, app owners, and infrastructure teams to deliver secure identity solutions
- Troubleshoot complex authentication and federation issues across multiple environments
- Participate in IAM roadmap planning and contribute to architectural decisions
- Provide mentorship and technical guidance to IAM engineers
- Support governance efforts related to authentication, authorization, and access control standards
Required Qualifications - 5+ years of Identity & Access Management experience with a strong focus on SSO and federation
- Deep technical knowledge of:
- PingFederate, Azure AD, Okta, ADFS
- Federation protocols including SAML, OIDC, and OAuth2
- LDAP, Active Directory, SCIM
- Proficiency in scripting and development with PowerShell, Python, and Java
- Experience working with REST APIs for IAM services; familiarity with Postman or similar tools
- Familiarity with OGNL expression language for customizing PingFederate policies
- Front-end UX design and customization using HTML, CSS, and JavaScript
- Basic Linux administration skills for maintaining and managing IAM infrastructure
- Working knowledge of certificates and PKI (X.509, certificate chains, signing, encryption, keystore management)
- Strong troubleshooting and debugging skills across application, identity, and network layersx
- Understanding of modern identity concepts such as Zero Trust, adaptive authentication (risk-based, device/user signals), and conditional access
Preferred Qualifications - Hands-on experience with the Ping Identity platform, particularly:
- PingFederate, PingOne, PingID, PingDirectory
- Experience with MFA and Passwordless/FIDO2/WebAuthn authentication strategies
- Experience building and configuring enterprise SSO applications in Azure AD / Entra ID
- Exposure to IAM orchestration platforms such as PingOne DaVinci or similar tools
- Experience supporting cloud identity integrations (Azure, AWS, GCP)
- Familiarity with enterprise SSO in hybrid environments (on-prem and cloud-based apps)
- Strong documentation and communication skills
- Comfortable collaborating across technical and non-technical teams
- Ability to lead projects and mentor junior engineers
If you are interested in pursuing this opportunity, please respond back and include the following:
- Full MS WORD Resume
- Required compensation
- Contact information
- Availability
Upon receipt, one of our managers will contact you to discuss in full
JASON DENMARK
Recruiting Manager INTERMEDIA GROUP, INC. EMAIL: jdenmark@intermediagroup.com LINKEDIN:
Job Tags
Full time, Remote work,