Ping One Advanced Identity cloud Engineer (Implementation & Infrastructure)

The organisation runs a large public-sector identity programme that combines cloud-hosted identity services and on-premise components. This role exists to implement and operate Ping One Advanced Identity Cloud (PingAIC) and integrate it with existing ForgeRock components, using Infrastructure as Code and automated CI/CD pipelines, with tools such as Terraform, Ansible and Git.

The mission

This programme delivers a central identity platform for business applications used by thousands of public servants and external partners. The technical landscape includes Ping Identity Platform (PingAIC) for cloud identity, existing ForgeRock services, Azure-based infrastructure, and SQL connectors for application data. Work on resilience, RPO/RTO and disaster recovery is an explicit delivery item.

Day to day you will translate architecture into runnable infrastructure and repeatable deployments. You will build Terraform modules, author Ansible playbooks, and implement CI/CD pipelines in Azure DevOps. You will configure OIDC, SAML, SCIM and RBAC/ABAC across the Ping platform, onboard business applications using MSGraphAPI and custom SQL connectors, and run the platform in accordance with the projects Zero-Trust requirements. You will be part of an Agile delivery team of 6 to 10 engineers and take part in Scrum ceremonies.

Your responsibilities

• Design and implement infrastructure-as-code modules with Terraform and Ansible to provision Ping One Advanced Identity Cloud and supporting services
• Implement and maintain CI/CD pipelines in Azure DevOps or equivalent to deliver automated, auditable deployments
• Configure identity protocols and integrations, including OIDC, SAML, SCIM, MSGraphAPI and SQL database connectors to onboard applications
• Harden and operate the platform to meet cyber security and zero-trust controls, including RPO/RTO and disaster recovery procedures
• Integrate and migrate identity flows between PingAIC and existing ForgeRock components, ensuring consistent role and attribute mappings
• Produce DoD-compliant documentation, runbooks and handover artefacts, and participate in sprint planning, demos and retrospectives

Your profile

Essential skills

• Solid hands-on experience with Ping One Advanced Identity Cloud or Ping Identity Platform and practical knowledge of ForgeRock
• Proven experience delivering infrastructure-as-code using Terraform and Ansible and operating CI/CD pipelines (Azure DevOps, Git)
• Strong familiarity with identity protocols and APIs: OIDC, SAML, SCIM, MSGraphAPI and IDP concepts
• Experience with DevOps practices on Azure, version control with Git, and SQL database connectivity for application onboarding
• Understanding of cyber security controls, zero-trust principles, and disaster recovery (RPO/RTO)
• Minimum six months demonstrable experience in IAM engineering and infrastructure, senior-level delivery experience in Agile teams
• Relevant certifications such as PingAM Certified Professional and Identity Manager Technical Specialist are required

Education

• Master degree or equivalent in Cybersecurity, Cryptanalysis, Forensics or a closely related discipline

Please include with your application a concise answer to the following eliminatory question: what is an RCS in the context of PingOne Advanced Identity Cloud and why do we need it?