Job Description

Role Value Proposition: We are looking for an exceptional lead engineer with specialized focus on implementation and management of modern authentication access management tools. You will be a SME & critical member of the Authentication Services engineering team that owns and manages Customer IAM (CIAM) services across on-prem and in cloud. Presenting an opportunity to implement innovative identity solutions using modern authentication, cloud based IDP, ID verification and directory technologies. As a global company, you will collaborate with cross-functional teams including security, IT and business units across US, LATAM, EMEA and APAC regions to lead, drive and deliver global CIAM solutions. Working hours for this role are aligned to US EST time zone. Key Responsibilities: · Lead CIAM engineering initiatives across hybrid cloud environments supporting millions of customer identities. · Work closely with IAM Architect to solution design and publish new CIAM Patterns · Design and implement customer-facing identity flows including registration, login, MFA, and account recovery. · Administration and Management of LDAP directories within CIAM portfolio. Implement proper security controls and policies (Schema, Password policies, ACI, Encryption, TLS) · Provide domain expertise in Authentication/Directory services, consult global IT teams and business units on new integrations and best practice · Support CIAM tech stack integration with web and mobile applications using SAML, OAuth, and OpenID Connect protocols. · Implement fraud detection and mitigation strategies using ID proofing services · Conduct CIAM platform upgrades, patching, and performance tuning to ensure high availability and scalability. · Provide leadership in level 3 support, troubleshooting and perform RCA · Showcase operational excellence, planning & ability to drive large scale projects · Implement CIAM analytics and monitoring using tools like Splunk and Elastic to track authentication trends and anomalies · Provided mentorship and technical leadership to other team members · Develop and maintain CIAM architecture documentation, runbooks, and operational playbooks. · Undergo regular security audits, identity lifecycle management, and compliance assessments to ensure adherence to global standards such as GDPR, PCI, etc. Essential Business Experience and Technical Skills: Required Skills: * 8+ years of strong experience in designing and implementing LDAP directory services (like Ping Directory, OUD, ADLDS, Tivoli, CA Directory) (or equivalent combination of years of experience and education). * 5+ years of strong experience in designing and implementing data sync solutions (PingDataSync or using scripts). * 5+ years of experience with tools like SiteMinder, Ping Federate, Ping Access, Ping One with hands-on knowledge of SAML 2.0, OAuth, OpenID Connect, SSO, Web Access Management, Cloud Security, API Security. * Self-starter attitude, ability to drive efforts to closure. Possess good verbal and written communication skills with focused attention to detail. Preferred: * Strong knowledge in Ping Directory, Ping DataSync, Ping Directory Proxy, Ping Federate, Ping Access. * Experience implementing fraud detection and mitigation strategies during identity onboarding and verification using ID proofing services (e.g., IDDataWeb, 1Kosmos, ID.me, LexisNexis) into CIAM workflows. * Experience implementing ID Proofing services. * Strategic thinking with the ability to lead large-scale IAM initiatives. * Solid understanding of cloud security frameworks and zero-trust architecture. * Agile and DevSecOps experience. * Ping Identity Certification is a plus. Equal Employment Opportunity/Disability/Veterans If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process. MetLife maintains a drug-free workplace.

Job Tags

Similar Jobs