Lead Identity Authentication Engineer

American National Insurance•Galveston, TX

21h•Remote

About The Position

American National Group Services LLC is seeking a Lead Identity Authentication Engineer to join their team. This role involves leading the design and development of security policies and custom integrations with IAM Systems using various identity standards. The engineer will provide technical leadership and strategic direction for PingID and Ping Federated authentication systems, as well as for the implementation of authentication, authorization, MFA, SSO, Federation, and Directory services concepts. Responsibilities include managing service requests, project schedules, communicating with business users, and acting as a supervisor for small team projects. The role also involves enforcing coding standards, responding to production issues with on-call rotation, and providing escalation support. The engineer will lead the design and development of custom modules, plugin-based Java, and Ping SDK, and will be responsible for preparing problem definitions, defining project scope and objectives, and designing system solutions with cybersecurity principles. This position can be performed remotely.

Requirements

Bachelor’s degree in Information Technology, Information Systems, Systems and Network Administration, Cybersecurity, Computer Science or closely related field.
5 years of experience in identity engineering related position.
Five years’ experience with Ping Federate, Ping ID or PingOneRisk.
Five years’ experience working with LDAP to generate IDP and SP initiated SSO request using POST and Redirect Protocols.
One year of supervisory/management experience.
Five years’ experience in identity authentication engineering position.
Experience utilizing SCIM.
Experience in designing and developing custom modules, plugin-based Java, and Ping SDK.

Responsibilities

Lead the design and development of security policies, custom integration with IAM Systems using identity standards such as SAML2, WS-Federation, Kerberos, OAuth2, SCIM, and LDAP.
Provide technical leadership and strategic direction across enterprise teams for PingID and Ping Federated authentication systems.
Provide leadership for the implementation of authentication, authorization, MFA, SSO, Federation, and Directory services concepts.
Manage the service request or project schedule, communicates directly with business users, and acts as the supervisor for small team projects (as a team lead or small project facilitator) for task delegation.
Provide leadership for enforcing coding standards and guidelines while reviewing team members’ work, ensuring standards and best practices are followed.
Respond promptly to production issues by serving on an on-call rotation for the 24-hour support of the team’s systems as well as providing escalation support as needed to the other team members.
Provide leadership and support for MFA, OAuth, SAML, SSO, Federated authentication, directory services technologies including LDAP, SCIM, web servers, etc., along with webservices technologies such as REST and SOAP.
Prepare the initial problem definition, defines the project scope and objectives, and determines specific requirements to be satisfied.
Design system solutions for all levels of service requests and applies cybersecurity guidelines/principles.
Lead the team for designing and developing custom modules, plugin-based Java, and Ping SDK as per requirements; integrates with Ping and Unit Test; and assists with deployment.