• Senior SSO Engineer - Ping

    Bank of America (Jacksonville, FL)


    Senior SSO Engineer - Ping

     

    Addison, Texas;Jacksonville, Florida

    Job Description:

    At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

     

    Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

     

    Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

     

    At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

    Job Description:

    This job is responsible for supporting multiple security engineering efforts to deliver enterprise security capabilities. Key responsibilities include serving as a subject matter expert of security technology, overseeing major engineering milestones including the design, development, and implementation of systems, and reporting on key metrics. Job expectations include executing on engineering initiatives, partnering with cross-functional teams, solving complex issues within one or more security domains, and mentoring team members.

    Position Summary:

    We are seeking a highly skilled and experienced Identity and Access Management (IAM) professional to fill the role of Senior SSO Engineer. As a Senior SSO Engineer, you will play a critical role in designing, implementing, and maintaining our secure authentication and authorization services for our organization. The ideal candidate should possess a robust background in IAM with a minimum of 7-10 years of hands-on expertise in PingIdentity products, which will be instrumental in ensuring seamless and efficient access management across our systems. You must have the ability to take on leadership responsibilities for teams or projects. This position will also provide expertise, guidance, and execution of our authentication services roadmap from both tactical and strategic perspectives.

     

    This position is both a hands-on and leadership position, including but not limited to the following activities.

     

    **Design and Architecture** :

    + Collaborate with cross-functional teams to architect and implement authentication solutions using **PingFederate** , **PingAccess** , **PingDirectory** , and other relevant tools.

    + Evaluate existing Authentication Services infrastructure and to identify potential enhancements to

    + optimize service performance, security, and scalability.

    + with cross domain Identity and Authentication Services teams to collaborate on various IAM solutions and provide related guidance.

    + Collaborate with other members of the engineering team to design new features or improve existing ones. Identify process improvement opportunities for review and subsequent implementation.

    **Implementation and Integration** :

    + Provide SME level guidance to SSO Integration and SSO Engineering teams on the implementation of Authentication solutions, including configuration, customization, and integration with various applications and services.

    + SME level experience with SAML, OIDC, OAuth, MFA, and FIDO2.

    + Plan and lead major technology assignments.

    **Security and Compliance** :

    + Ensure our Authentication Services are in compliance with industry standards and best practices, such as SAML, OAuth, FIDO2, and OIDC.

    + Participate in and provide expertise and guidance when asked to participate in security assessments, vulnerability scans, and risk assessments related to Authentication Services components.

    + Ensure that all Group Policy Management (GPM) changes are controlled and documented to comply with the organization’s policies.

    **Troubleshooting and Support** :

    + Investigate and resolve Authentication Services related issues, including authentication failures, token management, and user provisioning.

    + Provide support for MFA and FIDO2 integrations with Authentication Services powered by PingIdentity products.

    + Provide advanced troubleshooting support for Authentication Services that leverage oAuth, OIDC, MFA, and FIDO2 to identify root cause and implement bug fixes when needed.

    + Provide expert-level support to internal teams and end-users.

    Documentation and Training:

    + Create detailed technical documentation for Authentication Services configurations, workflows, and troubleshooting guides.

    + Mentor other members of the team on Web Access Management / API Security best practices.

    + Conduct training sessions for IT staff and end-users on Authentication Services best practices and usage.

    + Leverage industry standards for documentation using Jira, Horizon, or Confluence to ensure the team has artifacts and procedures for various day to day and complex implementations.

    Qualifications:

    + 7+ years of experience managing and supporting Authentication Services systems, with expertise in PingFederate, PingAccess, and PingDirectory.

    + Hands-on experience (at least 7 years) integrating applications using industry standards such as SAML/OIDC/OAuth/FIDO2.

    + Excellent problem-solving abilities and analytical thinking.

    + Proven ability to execute projects independently and collaborate effectively with relevant stakeholders to achieve project/task completion.

    + Expertise in Policy creation and implementation, with policy fragment experience a strong plus.

    + Excellent communication skills, both verbal and written.

    + Bachelor’s degree in Computer Science, Information Technology, or a related field is preferred

    Skills:

    + Influence

    + Result Orientation

    + Solution Design

    + Stakeholder Management

    + Technical Strategy Development

    + Access and Identity Management

    + Critical Thinking

    + Cyber Security

    + Information Systems Management

    + Risk Management

    + Collaboration

    + DevOps Practices

    + Financial Management

    + Solution Delivery Process

    + Test Engineering

    Shift:

    1st shift (United States of America)

    Hours Per Week:

    40

     

    Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.

     

    To view the "Know your Rights" poster, CLICK HERE (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12.pdf) .

     

    View the LA County Fair Chance Ordinance (https://dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf) .

     

    Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy (“Policy”) establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.

     

    To view Bank of America’s Drug-free Workplace and Alcohol Policy, CLICK HERE .

     

    Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank’s required accommodation request process before your first day of work.

     

    This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.