Ping IAM Architect

Ping IAM Architect

Atlanta, Auburn Hills, Chicago, Kansas City, remote, Seattle, St. Louis

Valorem Reply

Valorem Reply is seeking a Ping IAM Architect that is experienced with assessing, designing, and operating both on-prem environments that also know how to operate similar features once moved into the cloud. It's ideal to have experience with documenting the environment "as-is" architecturally compared to the "to-be" within the cloud once implemented. Must be able to do discovery in customized Ping solutions. Ideally has deep understanding in Azure AD. DEEP experience in Okta, Azure AD, AND Authentication might substitute if candidates lack Ping experience. Evaluate, design and architect access management solutions related to Ping Identity / Ping One as the primary focus or secondarily one the following Identity Platforms (IdP): Active Directory (AD) / Azure AD, or Okta. Experience is required in architecting and rolling out MFA, Conditional Access, and Identity Governance and Protection to manage the identity solution. Experience should include the following: · Working knowledge of Ping Access, Ping Federate, and Ping One as the IDP hub; of mTLS with JWT; and Attribute-Based Access Control (ABAC) systems (e.g., role, location, device health, citizenship). · Discover and define a clear problem statement beyond just replacing current or outdated technologies. · Specify use cases that, once delivered, help to solve the problem through envisioning workshops and assessment of the As-Is environment. These use cases could include: o Migrating from a heavily customized on-premises network-based Identity and Access Management platform to a Cloud-based IAM service. o Migrating from a heavily customized IaaS-based Identity and Access Management platform to a Cloud-based IAM service. · Create and document a solution bill of material that defines all the elements needed to deliver a solution including technologies, policies, processes, and skilling. This can include: o Providing a list of adapters that need to be migrated. o Providing a list of applications that need to be migrated with an indication of the pattern used. o Documenting the impact of using OAuth/OIDC as the new default pattern for any application. o Documenting the impact of no longer having access to the virtual machines running the Ping on-premises services. o Documenting the impact of no longer having direct access to the Ping logs for ingestion into a SIEM solution. o Providing a list of required changes to IAM services to integrate with the ABAC system o Providing a roadmap for changes to IAM services to support ABAC o Documenting integration as well as recommendations for where to implement ABAC capabilities. o Documenting impact for capturing identity attributes like citizenship, and geographic location at AuthN. · Design a solution architecture using current and new technologies as well as utilities and APIs required to integrate. · Define the set of activities (e.g., technical implementation, policy and process development, and training) and layout the roadmap and plan. · Understand and convey the customer’s change readiness to assimilate all the elements in the solution so that delivery happens as envisioned on time and in budget. Experience should include providing direction and guidance to customer personnel in the areas below: · Implement Identity Management solutions · Implement an Authentication and Access Management solution · Implement Access Management for Apps · Plan and implement an identity governance strategy.

Basic Requirements

  • 7+ years of specific experience in Identity and Access Management (IAM) Projects
  • Knowledge of Ping concepts and features
  • Experience building authentication modules within applications and web applications
  • Extensive knowledge of the Identity and Access Management Domain
  • Extensive knowledge of Authentication and Authorization concepts
  • Extensive knowledge of Single sign-on Concepts
  • Well versed in Identity Federation Concepts


  • HEALTH &
  • We offer you a market competitive compensation (base salary and bonus)
  • Vision, Disability and Life Insurance (100% company paid)
  • 401(k) company match 
  • Paid Time Off Vacation and Sick time and Company Paid holidays
  • Regular and systematic (external and internal) further training opportunities
  • Work in an innovative and international team


  • Ping Identity Certified Professional
  • Microsoft Certified: Identity and Access Administrator Associate (SC-300)
  • Okta Certified Professional / Okta Certified Administrator

About Valorem Reply

Valorem Reply, part of the Reply Group, is an award-winning digital transformation firm focused on delivering data-driven enterprise, IT modernization, customer experience, product transformation and digital workplace. Through the expertise of our people and power of Microsoft technologies, we provide hyper-scale and agile delivery of unique digital business services, strategic business models and design-led user experiences. Our innovative strategies and solutions securely and rapidly transform the way our clients do business.

Return to search

How to become a Replyer

Level 1


You found an opportunity that suits you and your abilities? Perfect! Use our application form to send us your resume and credentials. Once we received your documents, you will get a confirmation via email.

Level 2


We will now review your application and come back to you as soon as possible. If it’s a match, we will contact you for an interview.

Level 3


Is it a fit? Do we match your expectations? What about the job requirements and the workplace? All that will be covered in the interview. If more than one Reply company is suitable for you, you have the possibility to participate in several interviews!

The final


You receive an offer? Congratulations! We look forward to welcoming you to our team.

Follow us