Security Architect

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Ping Identity
Good to have skills : NA
Minimum 7.5 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary: Experience in IAM/Access Management, with 2+ years of hands-on experience in Ping Identity suite. The Ping Access Management Consultant is responsible for designing, implementing, and supporting enterprise-grade authentication, authorization, and federation solutions using the Ping Identity suite (PingFederate, PingAccess, PingOne, PingID). The consultant will work with security, infrastructure, and application teams to deliver secure access controls, SSO integrations, MFA deployments, and modern identity protocols across the organization. Roles & Responsibilities: -Design, configure, and deploy access management solutions using PingFederate, PingAccess, PingID, PingOne. -Implement adaptive authentication, MFA workflows, and identity federation for internal and external applications. -Configure SSO integrations using SAML 2.0, OAuth 2.0, OpenID Connect, WS-Fed. -Define authentication/authorization policies, application access rules, and session management settings. -Set up and maintain PingFederate identity provider (IdP) and service provider (SP) configurations. -Configure PingAccess for policy enforcement, reverse proxying, and fine-grained access control. -Implement PingID MFA integration with various enterprise applications. -Customize Ping flows using scripts, templates, integration kits, and API connectors. Work with application teams to onboard apps onto PingAccess/PingFederate. -Analyze application authentication needs and map them to appropriate identity protocols. -Integrate Ping with: -Active Directory / Azure AD -LDAP directories -REST APIs / SCIM provisioning -Cloud applications (AWS, SaaS apps, internal apps) -Security Governance & Best Practices -Ensure secure implementation of access management configurations using industry standards. -Apply Zero Trust principles to access control and API protection. -Review authentication logs, troubleshoot federation issues, and optimize Ping platform health. -Support internal and external audits related to identity and access management. -Provide L3 support for access-related incidents, authentication failures, policy errors, and MFA issues. -Monitor Ping platform performance, availability, and logs. -Work with security teams to respond to access-related threats and anomalies. -Maintain detailed documentation for Ping configurations, SSO integrations, and access policies. -Enhance and automate onboarding processes using Ping APIs, PowerShell, or Python. -Stay updated with Ping product roadmap and access management trends. -Strong hands-on knowledge of: -PingFederate (IdP/SP) -PingAccess -PingID / PingOne MFA -SAML / OIDC / OAuth / JWT -Solid understanding of: -Authentication & authorization flows -Federation & SSO architecture -Identity directories (AD, Azure AD, LDAP) -SSL/TLS, certificates, encryption Professional & Technical Skills: -Experience integrating applications with Ping for SSO and MFA. -Ping Identity certifications (PingFederate, PingAccess, PingOne). -Experience with: -API security and reverse-proxy access policies -Cloud identity models (Azure AD, AWS IAM) -DevOps & CI/CD for identity deployments -Scripting knowledge (Python, PowerShell, JavaScript) for automation. Additional Information: - The candidate should have minimum 7.5 years of experience in Ping Identity. - This position is based at our Bengaluru office. - A 15 years full time education is required.