Identity & Access Engineer - 12-18 Month Contract

AND Digital

  • Amsterdam, Noord-Holland
  • Vast
  • Voltijds
  • 9 dagen geleden
  • Versneld solliciteren
OverviewDuration: 12-18 MonthsStart date: ASAPLocation: AmsterdamAbout the RoleAND Digital is seeking experienced Identity Federation Engineers to join our team for a strategic project. This initiative will establish PingFederate as our clients primary identity federation platform, serving both internal employees and external customers.You will play a key role in designing, implementing, and optimizing secure and scalable identity federation services that support regulatory compliance, seamless user experience, and strong security posture.Key Responsibilities
  • Solution Design & Implementation
  • Design, configure, and implement IAM solution (PingFederate) as the central federation service for the bank.
  • Integrate IAM solution (PingFederate) with internal directories (Active Directory, LDAP) and customer identity repositories.
  • Implement SSO and secure authentication mechanisms for internal staff, partners, and customer-facing applications.
  • Engineering & Development
  • Develop custom adapters, connectors, or plugins within PingFederate where required using Ping SDK (Java)
  • Collaborate with application teams to onboard internal and external applications to the federation platform.
  • Ensure APIs and services are secured through federation standards (SAML, OAuth2, OpenID Connect).
  • Operations & Support
  • Create operational procedures, monitoring, and alerting for IAM (PingFederate services).
  • Troubleshoot federation-related issues across applications, directories, and network layers.
  • Provide tier-3 engineering support for complex federation incidents.
  • Governance & Compliance
  • Align federation designs with banking regulatory requirements (e.g., PSD2, GDPR, SOX).
  • Contribute to IAM security architecture and risk assessments.
  • Document configurations, runbooks, and federation standards.
  • Collaboration
  • Work closely with IAM architects, security engineers, and application owners.
  • Support training and knowledge transfer for operational teams.
Required Skills & Experience
  • Strong hands-on experience with design, deployment, troubleshooting of IAM Solutions (preferably PingFederate or Forgerock).
  • Solid understanding of federation and authentication protocols: SAML 2.0, OAuth 2.0, OpenID Connect, WS-Fed
  • Familiarity with API security (OAuth2, JWT, MTLS)
  • Good working knowledge of IAM principles
  • Experience working in banking or other regulated industries, with awareness of compliance frameworks.
  • Experience with developing backend APIs using Java
  • Experience with older authentication mechanisms (Basic, Digest, Form, NTLM, Radius, X.509 certificates)
Preferred Qualifications
  • Experience with other Ping Identity products (PingAccess, PingID, PingOne).
  • Familiarity with cloud IAM (AWS IAM, Azure AD B2C, GCP IAM).
  • Knowledge of Zero Trust security principles.
  • Experience with CI/CD pipelines
RequirementsBenefitsEqual Opportunities:At AND Digital we embrace diversity and are committed to equal opportunities. We are actively recruiting for a diverse and inclusive workforce so want to ensure we do everything we can to support your application.
We want you to feel safe and empowered to let us know if you require any adjustments to be made to your application or interview process so please speak to our recruitment team.

AND Digital