Identity & Access Management Lead

IAM Tech Lead with 7+ years of experience in Identity & Access Management, specializing in Ping Identity solutions, Site Minder-to-Ping migration, and Terraform-based automation. The role requires strong analytical and solutioning capabilities, with the ability to lead design, development, and migration initiatives while ensuring secure, scalable, and high-performance IAM solutions.

• Lead IAM solution design and architecture using Ping Identity suite (Ping Federate, Ping Access, Ping Directory, PingID)
• Provide technical direction and oversight across IAM development and integration activities
• Review solution design, code quality, and ensure alignment with enterprise security standards

• Lead end-to-end migration from CA Site Minder to Ping Identity
• Drive application onboarding, SSO integrations, and policy migration
• Redesign authentication and authorization flows using modern protocols (SAML, OAuth, OIDC)
• Enable transition from legacy agent-based integrations to token-based architectures

• Develop infrastructure using Terraform (IaC) for IAM platform deployment and management
• Drive automation initiatives across provisioning, onboarding, and operational workflows
• Enable API-based integrations and modern authentication patterns

• Oversee L2/L3 production support ensuring 24x7 availability of IAM platforms
• Drive incident management, root cause analysis (RCA), and service improvements
• Ensure SLA adherence, system monitoring, and proactive issue resolution
• Lead DR readiness, certificate lifecycle management, and platform resiliency

• Collaborate with architecture, security, infrastructure, and application teams
• Act as technical SME for IAM discussions and decision-making forums
• Mentor and guide junior engineers and support team delivery
• Drive stakeholder communication, change management, and governance alignment

• 7+ years of experience in IAM domain
• Strong hands‑on experience in Ping Identity (Ping Federate, Ping Access, Ping Directory, PingID) and Broadcom/CA Site Minder
• Proven experience in Site Minder → Ping migration (mandatory)
• Strong expertise in SSO, Federation, and IAM architecture
• Deep knowledge of SAML, OAuth2, OpenID Connect (OIDC)
• Experience with Terraform and automation frameworks
• Strong troubleshooting and IAM flow analysis skills

• Experience with Azure AD (Entra ), Active Directory, AWS IAM
• Exposure to CI/CD tools (Jenkins, Ansible, Bitbucket)
• Experience with containers (Docker, Kubernetes)
• Knowledge of monitoring tools (Dynatrace, Sumo Logic, CA APM, etc.)
• Understanding of Zero Trust, Identity Governance, and Risk-based authentication

• Strong analytical and problem-solving mindset
• Leadership and ownership-driven approach
• Ability to manage high-pressure production scenarios
• Excellent communication and stakeholder management skills

• Bachelor’s degree in Computer Science / IT / Engineering or equivalent

• 24x7 support environment (escalation ownership)
• Rotational shifts / on‑call support when required
• Onsite‑offshore collaboration model

• Work in the office at least three (3) days per week, with flexibility to work from home two (2) days per week. Some roles may require additional in‑office time or different in‑office expectations, to be discussed during the hiring process.

Timings: 2:00p-10:30p

Ameriprise India LLP is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, genetic information, age, sexual orientation, gender identity, disability, military status, veteran status, marital status, pregnancy, family status or any other basis prohibited by law.

We are committed to fostering an inclusive and accessible recruitment process for individuals with disabilities. If you require a reasonable accommodation to participate in the application or interview process, speak to your recruiter to discuss how we can support you.