Job Description: IAM Ping Identity Engineer (Contract)
Location: Remote, US-based (must be authorized to work in the United States)
Engagement Type: Independent Contractor / W2 Contract
Duration: 6 months, with potential to extend
Industry: Financial Services
About the Role
We are looking for an experienced IAM Ping Identity Engineer to join a large financial services organization on a contract basis. You will work within a mature, compliance-driven environment to support the design, implementation, and ongoing operations of the organization's identity and access management infrastructure. This role is well-suited for someone who has hands-on Ping product experience and is comfortable operating under the governance and change management standards typical of regulated industries.
Key Responsibilities
Design, configure, and maintain Ping Identity solutions including PingFederate, PingAccess, and PingDirectory
Administer and troubleshoot SSO, federation, and authentication integrations across enterprise applications
Support OAuth 2.0, OIDC, and SAML-based integrations with internal and external service providers
Participate in the full IAM lifecycle including onboarding, access provisioning, and deprovisioning workflows
Collaborate with application teams, security architects, and infrastructure teams to integrate applications with the Ping ecosystem
Maintain documentation for configurations, runbooks, and change requests in alignment with change management policies
Assist with audits, compliance reviews, and evidence gathering for regulatory requirements (SOX, PCI-DSS, or similar)
Identify and remediate security vulnerabilities or misconfigurations within the IAM environment
Support incident triage and resolution for authentication and access-related issues
Required Qualifications
4-7 years of experience in Identity and Access Management
3+ years of hands-on experience with Ping Identity products (PingFederate required; PingAccess and PingDirectory a strong plus)
Solid understanding of federation protocols: SAML 2.0, OAuth 2.0, and OIDC
Experience working in regulated environments such as financial services, healthcare, or government
Familiarity with LDAP/Active Directory and directory services integration
Working knowledge of MFA solutions and adaptive authentication policies
Experience with change management processes and operating within ITSM frameworks (ServiceNow or equivalent)
Ability to work independently and manage deliverables with limited day-to-day supervision
Preferred Qualifications
Ping Identity certifications (PingFederate Engineer, etc.)
Experience with CyberArk, SailPoint, or other PAM/IGA platforms
Exposure to cloud IAM patterns (AWS IAM, Azure AD/Entra ID)
Scripting or automation experience (Python, PowerShell, or Bash) for IAM workflows
Familiarity with SOX, PCI-DSS, or FFIEC compliance frameworks
Contractor Requirements
Must be based in the United States and authorized to work without sponsorship
Must be able to pass a background check, including financial background screening
Corp-to-Corp (C2C) or W2 engagements considered; no third-party C2C without prior approval