Sso Administrator

Role & responsibilities

• Managing incidents, escalating critical issues to relevant teams, and tracking resolution progress.
• Administer and support ISAM environments to ensure the secure and efficient delivery of authentication and authorization services.
• Troubleshoot and resolve issues related to ISAM access management components, such as Single Sign-On (SSO), multi-factor authentication (MFA) and federation.
• Configure and maintain ISAM security policies, including web reverse proxies and authentication rules.
• Monitor ISAM system logs, alerts, and performance metrics to detect potential issues.
• Work with the security and network teams to configure and maintain SSL certificates, load balancers, and proxies for secure access to applications.
• Apply patches, updates, and upgrades to the ISAM system when required.
• Manage custom LDAP attributes, LDAP Schema
• Administer and maintain the Ping Federate environment, ensuring high availability, scalability, and optimal performance.
• Troubleshoot issues related to federation, authentication, and authorization processes.
• Manage and configure Ping Federate components such as authentication modules, identity provider (IdP), and service provider (SP) configurations.
• Ensure smooth integration between Ping Federate and other identity systems, including Active Directory, LDAP, SSO, MFA, and third-party applications.
• Apply regular system patches, updates, and upgrades to ensure the Ping Federate environment is secure and up to date.
• Provide operational support for Ping Federate connectors, including troubleshooting and configuration of federation protocols (SAML, OAuth, OpenID Connect).
• Implement and enforce security policies related to identity federation and access management.

Preferred candidate profile

• IAM Subject Matter Expertise with at least 6 - 10 years of hands on operation, integration and implementation experience in security solution w/ business application and processes.
• Minimum of 5 years technical experience on ISAM and Ping Federation.
• A deep understanding of Identity and Access Management Architecture is required.
• Proven experience with IBM Security (or comparable IAM solutions) and Active Directory required.
• Knowledge of Web Services Architecture required such as SOAP, REST, SCIM etc.
• Hands on exposure on SSO and Federation is required.
• Knowledge of security and Java J2EE specification, Struts, WSDL, Web 2.0/WSRP.
• ISAM Concepts: Web security, Authentication, Authorization, Kerberos, Session Management, Web Proxy, Risk-Based Access.
• A solid understanding of Information Security Architecture technologies and concepts required: Firewalls, intrusion detection, monitoring tools, encryption, certificate authority, reverse proxy, etc.
• Detailed familiarity with JSP/Servlets, SPML, DAML, JNDI, DSMLv2, LDIF, LDAP, ODBC, JDBC, JMS, JAAS, ISIM APIs
• Strong programming and scripting skills such as Java, JavaScript, PowerShell, Python etc.