• Design benchmark tasks by identifying vulnerability classes (type/subtype and difficulty level) and validating the intended exploit behavior • Create or validate small, runnable codebases (environment repositories) that include data ingestion and prompt/tool usage where trust boundaries may be violated • Validate attacks by writing exploit scripts and clearly documenting the resulting unsafe behavior • Implement or verify patches that prevent exploits, ensuring the fixes effectively mitigate the vulnerability • Produce detailed task metadata, including severity mapping, file and line references, impact analysis, remediation summaries, and relevant documentation • Conduct review and quality checks to ensure file paths resolve correctly, line ranges are accurate, sensitive labels are not leaked, and the patch successfully blocks the exploit

• Perform manual and automated testing of web applications, APIs, and mobile apps (iOS/Android) • Conduct network and cloud level assessments • Triage and validate reports from automated scanners or bug bounty hunters • Perform prompt injection and jailbreak tests on AI prototypes • Draft high-quality reports detailing the "path to compromise" • Manage and update the team's testing infrastructure • Provide direct technical guidance to engineering teams • Design and lead multi-week Red Team operations • Build custom payloads and obfuscated scripts • Build automated testing frameworks for AI systems • Execute sophisticated attacks against cloud services • Collaborate with SIRT and Detection Engineering

• Own information security across the company • Define and maintain the security strategy, roadmap, and risk posture • Identify, assess, prioritize, and drive remediation of security risks • Build a strong security culture and awareness within the organisation • Ensure proper security policies, standards and guidelines are in place • Partner with Engineering and DevOps to ensure security of architecture, cloud, APIs, data flows and define secure SDLC practices • Own incident response process endtoend, including plans, coordination, and postincident improvements • Act as the main contact point for incidents • Own and manage regulatory and compliance programs (financial regulation, GDPR, future PCI DSS/and or ISO certifications) • Lead audits, assessments, and interactions with regulators and auditors • Provide clear reporting to leadership and be able to assess security risks in business terms

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description The Identity Engineer will serve as the technical expert responsible for application integration, support, design, and implementation of access enterprise platforms within the authentication and identity lifecycle. The ideal candidate will be able to design, develop, test, and maintain solutions that exceed our customers' needs. - Develop workflows and interfaces that follow best practices and support customer needs - Develop maintainable, testable, and reusable code and configurations based on industry best practices - Take responsibility for the solution from design to deployment - Interface with internal stakeholders to ensure appropriate documenting and analysis of requirements, solution design, development, testing, and production deployment - Communicate effectively to stakeholders concerning design, planning, and implementation, as well as explaining solutions to non-technical audiences - Ensure documentation allows for stakeholders and developers to integrate with the solution successfully - Take ownership of and resolve technical issues from development to production - Ensure quality of developed solutions through testing and lessons learned - Focus on process improvements via innovative methods to assist in the automation of manual tasks - Be a key contributor in roadmap development to advance the Identity Services team and add continuous value for our internal and customer teams - Participate in code reviews, integration, and deployment events - Deep deployment and configuration experience specifically with Ping Identity tools, including PingFederate, PingAccess, and PingDirectory Qualifications - United States Citizen. Candidates must be currently authorized to work in the United States without the need for employment-based visa sponsorship now or in the future - Must be eligible to obtain a secret or top secret security clearance - A bachelor's degree in computer science, information systems, or other related fields; or equivalent work experience - 3-5+ years of experience deploying and managing enterprise IAM platforms with a demonstrated ability to work across a broad range of technologies, such as multi-tiered architecture, databases, and LDAP, to deliver complex solutions - Hands-on expertise with PingFederate, including federation protocol configuration (SAML, OAuth 2.0, OIDC), adapter development, and integration with enterprise applications - Proficiency with PingAccess for policy-based access control, token management, and reverse proxy configurations - Experience with PingDirectory for directory services, schema management, and LDAP/REST API interactions - Proficiency with X509 certificate management and FIPS configuration standards - Familiarity with PingOne cloud services and PingOne for Enterprise, including MFA, SSO, and workforce identity solutions - Subject matter expert for core IAM capabilities: Identity Lifecycle Management, Access Management, Identity Governance, and Access Certification - Development experience in Java, REST/SOAP API, and a variety of other integration methods (LDAP, JDBC, Flat file) - Strong scripting knowledge - Advanced skillset in collaboration; able to lead team-oriented projects effectively without the need for constant guidance across all situations - Strong familiarity with security issues surrounding Identity Access Management and experience implementing security systems and controls, with deep knowledge of security components, principles, practices, and procedures - Strong mastery of the Ping Identity suite; experience with SailPoint IdentityIQ, ForgeRock, or Radiant Logic is a plus Requirements - Ping Identity certifications (PingFederate, PingAccess, PingDirectory, or PingOne) - Experience connecting various SSO platforms and federating identity across hybrid environments - Experience with other IAM / ICAM tools, including SailPoint IIQ or ForgeRock - Experience with Agile development methodology - Ability to communicate effectively - Mastery of JIRA and Confluence Benefits - 100% employer covered health care premiums - 6% 401k match - Substantial education and professional development budget - 25 PTO days per year, which increases with tenure