More jobs:
ForgeRock Identity Engineer/Architect
Job in
Atlanta, Fulton County, Georgia, 30301, USA
Listed on 2026-07-03
Listing for:
Qode
Full Time
position Listed on 2026-07-03
Job specializations:
-
IT/Tech
Systems Engineer, Cybersecurity
Job Description & How to Apply Below
Forge Rock Identity Engineer / Architect
Join a high-impact POD building a self-service federated SSO platform. You'll be the hands-on Forge Rock expert designing and engineering a scalable identity broker integrating with Okta, Microsoft Entra , Ping Identity, and more. This is a build-from-scratch, code-heavy role—not admin/config.
Key responsibilities include:
- Design multi-tenant Forge Rock AM federation architecture
- Build REST APIs for programmatic SAML SP connection lifecycle (create/validate/activate)
- Implement SAML/OIDC flows, assertion validation, and secure session management across apps
- Develop scripted authentication (Groovy/JS) and automate certificate lifecycle (monitoring & rotation)
- Enable break-glass fallback, ensure high availability, and prepare SCIM-ready architecture
- Migrate existing manual SP connections to automated framework
Must have:
- 4+ years hands-on Forge Rock Access Manager (AM)
- Strong SAML 2.0 (debugging raw assertions), OIDC/OAuth 2.0
- Experience with Forge Rock REST APIs, scripted nodes, and keystore/X.509 management
- API design & integrations, LDAP, secrets management (AWS/Vault)
- Coding:
Java/Groovy + CI/CD, API testing, SAML debugging tools
Nice to have:
- Forge Rock IDM, SCIM 2.0, cloud (AWS/Azure/GCP)
- Experience with Okta / Entra / Ping as IDP
- Migration of manual SP setups to programmatic model
You'll define the identity architecture powering hundreds of future customers—owning critical decisions, building automation, and solving complex, real-world federation challenges.
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×