Senior IAM Engineer

Senior Customer Identity and Access Management (CIAM) Engineer

Location: This role offers the flexibility of being hybrid or home-based for qualified candidates in the United States.

We are seeking a highly skilled and motivated Senior Customer Identity and Access Management (CIAM) Engineer to join our dynamic and fast-paced team. The ideal candidate will have a deep understanding of Identity and Access Management (IAM) principles and extensive hands-on experience with the Ping Identity suite. You will play a crucial role in designing, implementing, and maintaining our CIAM solutions, ensuring a secure and seamless experience for our customers. As a senior member of the team, you will also be responsible for mentoring junior engineers and driving best practices.

Key Responsibilities

• Identity and Access Management:
  • Manage and administer the full Ping Identity suite, including Ping Federate, Ping Access, Ping Directory, Ping Data Proxy, Ping Data Sync, and Ping Data Governance (now Ping Authorize).
  • Create, manage, and troubleshoot common Ping Components, including, but not limited to, PF IdP & SP adapters & connections, selectors, authentication policies, PA rules, data product CLI tools, topology management, sync pipes, and much more
  • Deploy, configure, and troubleshoot modern authentication protocols, including OAuth, OIDC, and SAML. Ensure guidelines are being followed through referencing relevant RFC’s.
  • Configure and deploy Multi-Factor Authentication (MFA) solutions to enhance security.
  • Manage the full lifecycle of digital certificates.
• Engineering and Development:
  • Develop and maintain clean, efficient, and well-documented code and scripts (Java & TypeScript are preferred).
  • Configure and deploy APIs to extend and integrate our CIAM solutions.
  • Work within a DevOps model, contributing to our CI/CD pipelines and automation efforts.
• Infrastructure and Operations:
  • Operate within a cloud-based infrastructure, with a preference for AWS.
  • Manage and maintain containerized environments.
  • Perform JVM tuning for optimal performance.
  • Ensure high availability and disaster recovery readiness of our CIAM platform.
  • Manage and analyze logs using our logging and monitoring tools.
• Team and Project Leadership:
  • Work independently, taking ownership of tasks and resolving complex issues.
  • Communicate effectively with internal teams and external customers.
  • Mentor and guide junior engineers, fostering a culture of growth and knowledge sharing.
  • Collaborate with your team in an Agile work environment.

Required Qualifications

• Minimum of 5 years of hands-on experience with the Ping Identity suite.
• Thorough understanding of Identity and Access Management (IAM) for both enterprise and customer-facing applications.
• Strong coding and scripting abilities (Java & TypeScript are preferred).
• Knowledge of System for Cross-domain Identity Management (SCIM).
• In-depth knowledge of OAuth, OIDC, and SAML.
• Experience with API configuration and deployment.
• Strong experience with Linux environments (navigating, tuning, etc.).
• Excellent problem-solving and communication skills.

Preferred Qualifications

• Solid understanding of cloud infrastructure (AWS preferred).
• Experience with containerized environments (e.g., Docker, Kubernetes).
• Experience with load testing methodologies and tools.
• Experience with JVM tuning.
• Any experience with intaking security reports and creating solutions to address those reports
• Understanding data privacy laws and regulations (e.g., GDPR, CCPA).
• Experience working in a DevOps culture.
• Familiarity with Agile methodologies.

What We Offer:

• A great Team and culture – please see our colleague video. 
• An exciting career as an integral part of a world-leading software company providing solutions for architecture, engineering, and construction - watch this short documentary about how we got our start. 
• An attractive salary and benefits package. 
• A commitment to inclusion, belonging, and colleague well-being through global initiatives and resource groups. 
• A company committed to making a real difference by advancing the world’s infrastructure for a better quality of life, where your contributions help build a more sustainable, connected, and resilient world. Discover our latest user success stories for an insight into our global impact. 

About Bentley Systems

Around the world, infrastructure professionals rely on software from Bentley Systems to help them design, build, and operate better and more resilient infrastructure for transportation, water, energy, cities, and more. Founded in 1984 by engineers for engineers, Bentley is the partner of choice for engineering firms and owner-operators worldwide, with software that spans engineering disciplines, industry sectors, and all phases of the infrastructure lifecycle. Through our digital twin solutions, we help infrastructure professionals unlock the value of their data to transform project delivery and asset performance. www.bentley.com

Equal Opportunity Employer:

Bentley is an equal opportunity employer and considers all qualified applicants for employment without regard to race, color, sex, sexual orientation, gender identity, disability, pregnancy, protected veteran status, religion, national origin, age, genetic information or any other protected characteristic.  This commitment extends to all aspects of employment, including, but not limited to, hiring, placement, promotion, compensation, and training. Know Your Rights as an applicant under the law.

Bentley Policy on EEO, Affirmative Action and Pay Transparency Non-Discrimination

Bentley participates in e-Verify / Bentley participate in e-Verify / Right to Work Notice

Request an Accommodation:

As an Equal Opportunity Employer, Bentley is committed to providing reasonable accommodations to applicants with disabilities. We encourage you to request a reasonable accommodation if you are not able to fully use or access our online application system.   You can make an accommodation request by calling 610-458-5000 or sending us an email at disabilityrequest@bentley.com