Responsibilities
- Manage full lifecycle integration of CIAM and workforce IAM for enterprise and custom applications, emphasizing Ping Identity (PingFederate, PingOne), Okta, and DaVinci workflows for advanced identity experiences.
- Create and maintain authentication flows for users and employees using SAML, OIDC/OAuth 2.0, and API integrations, including token management, claims mapping, scope definition, and attribute transformation.
- Develop and manage DaVinci workflows to coordinate authentication, user registration, step-up MFA, risk assessment, identity verification, and integrations across Ping, Okta, and external services.
- Lead onboarding and migration of applications to Azure Entra ID for workforce identity, ensuring compliance with enterprise IAM standards, Conditional Access rules, and audit obligations.
- Implement and manage multi-factor authentication and adaptive authentication policies across CIAM and workforce environments, including conditional logic, exceptions, and global troubleshooting.
- Collaborate with product teams, application owners, and developers to standardize authentication designs, remove custom identity solutions, and align systems with approved CIAM and IAM frameworks.
- Connect CIAM platforms with identity governance and lifecycle systems such as SailPoint and HR data sources to support provisioning, access reviews, and regulatory compliance.
- Design and manage non-human identities, including service accounts, API clients, certificates, secrets, and token-based access for system-to-system communication.
- Build automation, monitoring, and reporting tools for IAM/CIAM operations using scripting and dashboards to enhance visibility, reduce manual work, and meet compliance standards like SOX, SOC 2, and GDPR.
- Act as a top-tier technical resource for resolving complex IAM/CIAM incidents, conducting root cause analysis across identity providers, federation layers, token issuance, and application integrations.
- Support IAM and CIAM governance by defining enforceable standards, architectural patterns, and security controls that operationalize security policies.
- Engage in cross-team initiatives such as application modernization, platform unification, CIAM architecture evolution, and improvements to identity service reliability.
- Produce detailed technical documentation, operational runbooks, and reference architectures while delivering knowledge transfer to improve team resilience and reduce dependency on individuals.
- Balance delivery of strategic projects with ongoing operational support to maintain high availability and reliability of IAM/CIAM services while advancing platform capabilities.