Ping Engineer

This is a Non-Employee Contingent Worker Role providing services for TIAAs family of companies and will be employed by TIAAs preferred 3rd Party Supplier. As a Non-Employee CW perform a variety of moderately complex business planning support and project-related an exceptional standard of quality and holds themselves accountable to achieving excellent results.

This role will sit onsite likely in a hybrid capacity at the location(s) listed in this posting.

• Assessing the technical viability of emerging products and technologies.
• Working with developers and infrastructure specialists to test and evaluate new technologies.
• Participating in the development of business cases and obtaining approvals for capital expenditures.
• Monitoring and analyzing new technology product performance and resolving issues regarding potential improvements or modifications to complex situations as needed.

• University (Degree) Preferred

• 5 Years Required; 7 Years Preferred

• Physical Requirements: Sedentary Work

Ping Engineer

About the Role

We are looking for an experienced and passionate Ping Engineer to join our Customer Identity and Access Management (CIAM) this role you will take end-to-end technical ownership of identity and access management solutions working closely with architects engineers and business stakeholders to design build and maintain secure scalable and highly available identity platforms. You are someone who thrives in a collaborative environment champions engineering best practices and is energized by solving complex identity security and fraud challenges.

Key Responsibilities

As a Ping Engineer you will serve as a subject matter expert in the Ping Identity suite leading the design implementation and operational support of PingFederate PingAccess and Ping Directory across enterprise environments. You will architect and deliver identity solutions that leverage industry-standard security protocols including OAuth 2.x SAML and LDAP ensuring they meet both functional and non-functional requirements for performance security and reliability.

Operational Excellence in CIAM and Fraud Engineering

You will own and drive operational excellence across CIAM and fraud engineering domains ensuring that identity and fraud prevention platforms are highly available resilient and continuously improving. This includes establishing and monitoring key performance indicators and service level objectives for all CIAM services proactively identifying risks and vulnerabilities and leading efforts to remediate issues before they impact customers or the business.

You will lead level 3 incident management and response activities for CIAM and fraud-related events serving as a technical escalation point during high-severity incidents. You will drive thorough post-incident reviews ensuring root cause analysis is completed corrective actions are tracked to closure and learnings are shared broadly to strengthen the platform. You will maintain detailed runbooks operational playbooks and disaster recovery documentation to support rapid and consistent incident response.

You will establish and champion a culture of proactive platform health management leveraging observability tools such as Dynatrace to build comprehensive dashboards alerts and automated remediation capabilities. You will define and enforce standards for logging tracing and monitoring across all CIAM and fraud engineering services to ensure full operational visibility.

You will drive continuous improvement initiatives across the CIAM and fraud engineering landscape including capacity planning performance tuning platform hardening and regular security assessments. You will collaborate with security risk and compliance teams to ensure that identity and fraud platforms meet regulatory requirements and internal control standards including those related to data privacy access governance and audit logging.

Core Engineering Responsibilities

You will collaborate across technical disciplines including application development cloud infrastructure security and enterprise architecture to integrate identity solutions seamlessly into the broader technology ecosystem. This includes working with containerized environments on OpenShift and AWS EKS as well as supporting identity capabilities delivered through Transmit Security.

You will champion Agile software development methodologies actively participating in sprint planning backlog grooming and iterative delivery. You will advocate strongly for unit testing test-driven development and automated testing practices helping to establish and uphold quality standards across the team.

You will work within a modern cloud and DevOps environment leveraging AWS services infrastructure-as-code tooling such as Terraform and observability platforms such as Dynatrace to ensure platform health and operational excellence. You will utilize automated build and deployment pipelines Git-based source control and Gradle for build automation as part of a mature CI/CD practice.

Required Qualifications

To be successful in this role you will bring deep hands-on experience with the Ping Identity suite specifically PingFederate PingAccess and Ping Directory along with a strong command of OAuth 2.x SAML and LDAP security protocols. You will have a solid background in Java development and the Spring Framework ecosystem and be comfortable working with RESTful APIs OpenAPI specifications and data formats including JSON XML XSD and XSLT.

You will have demonstrated experience driving operational excellence within a CIAM or identity engineering context including incident management SLO/SLA ownership observability and platform reliability engineering. Experience collaborating with or working within fraud engineering teams to build identity-aware fraud detection and prevention capabilities is highly valued.

You will have experience working in containerized environments using OpenShift or Amazon EKS and familiarity with cloud platforms including AWS. Experience with relational and NoSQL databases including Oracle PL/SQL and MongoDB is expected.

You will demonstrate strong leadership and interpersonal skills with the ability to communicate complex technical concepts clearly to both technical and non-technical audiences. You are analytical detail-oriented and bring a genuine passion for technology and solving real-world problems through innovative engineering solutions.

Preferred Qualifications

Experience with Transmit Security is strongly preferred. Familiarity with risk-based authentication behavioral biometrics and fraud signal integration is a strong plus. Prior experience in financial services or a highly regulated industry is advantageous particularly where identity and fraud controls are subject to rigorous compliance and audit requirements.

Technical Skills Summary

Identity & Security: PingFederate PingAccess Ping Directory Transmit Security OAuth 2.x SAML LDAP

Fraud & Risk: Risk-Based Authentication Adaptive Access Controls Behavioral Analytics Account Takeover Prevention Credential Stuffing Detection Fraud Signal Integration

Languages & Frameworks: Java Spring Boot Spring Security Spring MVC Spring Batch REST OpenAPI

Cloud & Infrastructure: AWS GCP OpenShift EKS Terraform Dynatrace

Data & Integration: Oracle PL/SQL MongoDB JSON XML XSD XSLT JAXB

Front End: HTML JavaScript JQuery React AngularJS

DevOps & Tooling: Git Gradle jUnit Mocking Frameworks CI/CD Pipelines

Operational Excellence: SLO/SLA Management Incident Response Runbook Development Observability Platform Reliability Engineering Capacity Planning Security Assessments

Anticipated Posting End Date:

Actual base salary may vary based upon but not limited to relevant experience time in role base salary of internal peers prior performance business sector and geographic location.

Equal Opportunity

We are an Equal Opportunity Employer. TIAA does not discriminate against any candidate or employee on the basis of age race color national origin sex religion veteran status disability sexual orientation gender identity or any other legally protected status.

Our full EEO & Non-Discrimination statement is on our careers home page and you can read more about your rights and view government notices here.

Accessibility Support

TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers including individuals with disabilities.

If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team:

Phone:

Email:

Drug and Smoking Policy

TIAA maintains a drug-free and smoke/free workplace.

Privacy Notices

For Applicants of TIAA Nuveen and Affiliates residing in US (other than California) click here.

For Applicants of TIAA Nuveen and Affiliates residing in California please click here.

ForApplicants of TIAA Global Capabilities click here.

For Applicants of Nuveen residing in Europe and APAC please click here.