[Remote] IAM Security Engineer - PingOne
Note: The job is a remote job and is open to candidates in USA. Randstad USA is seeking an IAM Security Engineer with expertise in PingOne cloud services. The role involves designing, configuring, and supporting the IAM platform while ensuring the security and integrity of organizational data.
Responsibilities
- Handles complex design, evaluation, and testing of the security of systems to ensure the integrity and protection of organizational data against evolving cyber threats
- Serves as a senior technical expert for our Customer Identity and Access Management (IAM) platform, with a primary focus on PingOne cloud identity services
- Responsible for the design, installation, configuration, integration, and ongoing support of the systems and integrations that comprise client's strategic IAM program, with primary ownership/support of the PingOne platform
- Lead administration and management of PingOne services, including tenant configuration, policy design, and platform optimization
- Design and implement SSO, OAuth 2.0, and OIDC integrations for enterprise and customer-facing applications within PingOne
- Configure and manage access policies, authentication flows, and risk-based policies within PingOne
- Support user lifecycle management (provisioning, deprovisioning, identity synchronization) across PingOne and connected systems
- Develop and maintain PingOne reporting, metrics, and monitoring capabilities to support operational visibility and security insights
- Troubleshoot and support complex and critical CIAM services within PingOne
- Partner closely with business stakeholders, Security Architecture, and IT teams to onboard applications into PingOne and ensure alignment with enterprise security standards
- Produce and maintain documentation for PingOne configurations, integrations, and operational procedures
- Prioritize and resolve complex technical issues supporting mission-critical CIAM infrastructure
Skills
- Bachelor's degree and 5+ years of information security engineering experience OR 6+ years of equivalent experience
- Hands-on experience administering and supporting PingOne
- Demonstrated experience with: SSO implementations (SAML, OAuth 2.0, OIDC)
- Identity federation and authentication flows
- Risk-based authentication and policy configuration
- User lifecycle and identity data management
- Strong understanding of IAM architecture and integration patterns across cloud and on-prem environments
- Proficiency with security technologies including encryption, network security controls, and system hardening
- Experience in complex enterprise environments with distributed systems
- Knowledge of network security in multi-protocol environments (TCP/IP, IPSEC, SSL, HTTP)
- Experience troubleshooting authentication and identity-related issues across multiple systems
- Understanding of change management and version control processes
- Bachelor's degree in Computer Security, Computer Science, or Engineering
- Deep expertise with PingOne, including administration, troubleshooting, application onboarding, and policy design
- Experience implementing or supporting customer IAM (CIAM) or workforce IAM solutions
- Familiarity with API-based integrations and identity orchestration
- Experience developing and maintaining automation/scripting solutions (e.g., PowerShell, APIs) to support provisioning, integrations, and operational efficiency
- Strong consulting mindset with ability to guide business and technical teams on IAM best practices
- Excellent analytical and problem-solving skills
- Strong communication skills with ability to explain complex IAM concepts to varying audiences
- Proven ability to operate independently and lead technical initiatives
- Attention to detail and commitment to operational excellence
- Professional certifications preferred (CISSP, CISM, Security+, or relevant IAM certifications)
Benefits
- W2 option
Company Overview