Own the end-to-end architecture and technical roadmap for the Ping Identity platform, covering PingFederate, PingAccess, PingDirectory, PingOne, PingAuthorize, and PingID across all deployment models.
Lead the design and delivery of enterprise Single Sign-On (SSO) solutions using SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), and WS-Federation, ensuring seamless and secure authentication across all business applications.
Architect and govern Multi-Factor Authentication (MFA) policies using PingID, including adaptive and risk-based step-up authentication, device trust, and phishing-resistant flows aligned with organisational risk appetite.
Define and implement application integration standards for onboarding SaaS platforms (Salesforce, Workday, ServiceNow), cloud-native services, and legacy systems — using SAML connectors, OIDC flows, SCIM 2.0 provisioning, and REST APIs.
Design Identity Governance frameworks encompassing Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), user lifecycle management (joiner/mover/leaver), access certification, and entitlement reviews — integrated with IGA tools such as SailPoint or Saviynt where applicable.
Lead cloud and hybrid deployment strategies for PingOne and PingFederate, including migration planning from on-premises to cloud, DaVinci no-code orchestration, and multi-region availability design.
Produce and maintain architecture deliverables — High-Level Designs (HLD), Low-Level Designs (LLD), solution blueprints, and integration runbooks — to the standard required for management review and audit purposes.
Embed Ping Identity as the identity control plane within the organisation’s zero-trust architecture, including continuous