Back to search results

Senior IAM Engineer - Ping - SSO

Addison, Texas

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

We are seeking a highly skilled and experienced Identity and Access Management (IAM) professional to fill the role of Senior IAM Engineer. As a Senior IAM Engineer, you will play a critical role in designing, implementing, and maintaining our secure authentication and authorization services for our organization. The ideal candidate should possess a robust background in IAM with a minimum of 7-10 years of hands-on expertise in Ping Identity products, which will be instrumental in ensuring seamless and efficient access management across our systems. You must have the ability to take on leadership responsibilities for teams or projects. This position will also provide expertise, guidance, and execution of our authentication services roadmap from both tactical and strategic perspectives.

This position is both a hands-on and leadership position, including but not limited to the following activities.


Design and Architecture:

  • Collaborate with cross-functional teams to architect and implement authentication solutions using Ping FederatePing Access, Ping Directory, and other relevant tools.
  • Evaluate existing Authentication Services infrastructure and to identify potential enhancements to optimize service performance, security, and scalability.
  • Work with cross domain Identity and Authentication Services teams to collaborate on various IAM solutions and provide related guidance.
  • Collaborate with other members of the engineering team to design new features or improve existing ones. Identify process improvement opportunities for review and subsequent implementation.

Implementation and Integration:

  • Provide SME level guidance to SSO Integration and SSO Engineering teams on the implementation of Authentication solutions, including configuration, customization, and integration with various applications and services.
  • SME level experience with SAML, OIDC, OAuth, MFA, and FIDO2.
  • Plan and lead major technology assignments.

Security and Compliance:

  • Ensure our Authentication Services are in compliance with industry standards and best practices, such as SAML, OAuth, FIDO2, and OIDC.
  • Participate in and provide expertise and guidance when asked to participate in security assessments, vulnerability scans, and risk assessments related to Authentication Services components.
  • Ensure that all Group Policy Management (GPM) changes are controlled and documented to comply with the organization’s policies.

Troubleshooting and Support:

  • Investigate and resolve Authentication Services related issues, including authentication failures, token management, and user provisioning.
  • Provide support for MFA and FIDO2 integrations with Authentication Services powered by Ping Identity products.
  • Provide advanced troubleshooting support for Authentication Services that leverage oAuth, OIDC, MFA, and FIDO2 to identify root cause and implement bug fixes when needed.
  •  Provide expert-level support to internal teams and end-users.

Documentation and Training:

  • Create detailed technical documentation for Authentication Services configurations, workflows, and troubleshooting guides.
  • Mentor other members of the team on Web Access Management / API Security best practices.
  • Conduct training sessions for IT staff and end-users on Authentication Services best practices and usage.
  • Leverage industry standards for documentation using Jira, Horizon, or Confluence to ensure the team has artifacts and procedures for various day to day and complex implementations.



  • 7+ years of experience managing and supporting Authentication Services systems, with expertise in Ping Federate, Ping Access, and Ping Directory.
  • Bachelor’s degree in Computer Science, Information Technology, or a related field, or commensurate enterprise level experience.
  • Hands-on experience (at least 7 years) integrating applications using industry standards such as SAML/OIDC/OAuth/FIDO2.
  • Excellent problem-solving abilities and analytical thinking.
  • Proven ability to execute projects independently and collaborate effectively with relevant stakeholders to achieve project/task completion.
  • Expertise in Policy creation and implementation, with policy fragment experience a strong plus.
  • Excellent communication skills, both verbal and written

Enterprise Role Overview:

This job is responsible for supporting multiple security engineering efforts to deliver enterprise security capabilities. Key responsibilities include serving as a subject matter expert of security technology, overseeing major engineering milestones including the design, development, and implementation of systems, and reporting on key metrics. Job expectations include executing on engineering initiatives, partnering with cross-functional teams, solving complex issues within one or more security domains, and mentoring team members.


1st shift (United States of America)

Hours Per Week: 


Learn more about this role

Full time


Manages People: No

Travel: Yes, 5% of the time

Street Address

Primary Location:
16001 N Dallas Pkwy, TX, Addison, 75001