Logo for Cloudpay

Senior Identity Management Engineer

Key Facts

Remote From: 
Full time
Senior (5-10 years)
English

Other Skills

  • •
    Communication
  • •
    Teamwork
  • •
    Problem Solving
  • •
    Creativity

Roles & Responsibilities

  • Solid hands-on engineering experience in IAM
  • Extensive hands-on experience deploying and managing PingFederate, PingDirectory, and PingAccess
  • Proven experience implementing or managing PAM solutions
  • Strong understanding of RBAC, ABAC, Zero Trust architecture, and Directory Services

Requirements:

  • Lead the installation, fine-tuning, and maintenance of the PingIdentity suite
  • Personally develop the technical connectors and workflows between authentication layers and IGA/PAM/PIM platforms
  • Build and manage identity infrastructure using Terraform or Ansible
  • Define the technical standards for the identity team and act as the primary escalation point for complex technical failures

Job description

About this job opportunity
 

Our Vision

To be the world's most trusted global payroll partner, simplifying pay for all employees.

Our Mission

Empowering global workforces with seamless, compliant, and innovative payroll and payment solutions, enabling businesses to thrive in a connected world.

Our People

Our fundamental beliefs at CloudPay are built on core values of professionalism, passion, empowerment, innovation, and teamwork. We value our employees and strive to create a great workplace where everyone is valued, heard, inspired, and encouraged to bring their authentic selves to work. We're committed to providing an excellent employee experience through fulfilling projects, empowerment to make a difference, and an environment that inspires innovation.

What makes this role exciting
This role balances high-level architectural vision with deep, hands-on technical execution. This is a critical role responsible for the end-to-end implementation of our Identity modernisation roadmap. The role will be expected to design the "big box" strategy and personally execute the configuration, integration, and deployment of our Identity fabric.
The role will lead our transition to a Zero Trust architecture by building and scaling the infrastructure that integrates IGA, PAM, and PIM with our PingIdentity ecosystem. This role is for a technical leader who delivers results through direct engineering contribution and technical mentorship.

Main responsibilities:

Hands-On Engineering & Implementation

  • Deployment & Configuration: Lead the installation, fine-tuning, and maintenance of the PingIdentity suite, including PingFederate, PingDirectory, and PingAccess.

  • Fabric Integration: Personally develop the technical connectors and workflows between authentication layers and our IGA and PAM/PIM platforms.

  • Infrastructure as Code: Build and manage identity infrastructure using Terraform or Ansible, ensuring all configurations are automated and version-controlled.

  • CIAM Build: Engineer scalable customer identity journeys that resolve complex federated access requirements while maintaining a seamless user experience.

Technical Leadership & Mentorship

  • Standard Setting: Define the technical standards for the identity team by producing high-quality code, rigorous documentation, and robust architectural patterns.

  • Advanced Troubleshooting: Act as the primary escalation point for the most complex technical failures, performing deep-dive analysis of protocol exchanges (SAML, OIDC, OAuth2).

  • Mentorship: Provide structured technical guidance to junior and mid-level engineers, upskilling the team through peer reviews and collaborative problem-solving.

  • Stakeholder engagement: Excellent collaboration and communication skills.  Ability to influence stakeholders across multiple teams and levels. 

Experience needed for this role:

  • Experience: Solid hands-on engineering experience in IAM

  • PingIdentity Mastery: Extensive hands-on experience deploying and managing PingFederate (SAML/OAuth/OIDC configurations), PingDirectory, and PingAccess (WAM/API security).

  • Identity Modernisation: A proven track record of executing the migration of legacy identity systems to modern, claims-based architectures.

  • Tooling & Governance: Direct experience configuring and integrating IGA tools (e.g. SailPoint, Saviynt) and PAM/PIM solutions to enforce the principle of least privilege.

  • Protocol Expertise: Expert-level capability in debugging and configuring SAML, OIDC, OAuth2, and SCIM workflows.

  • Core IAM Concepts: Strong understanding of RBAC, ABAC, Zero Trust architecture, and Directory Services (LDAP, Active Directory, Azure AD/Entra ID).

  • PAM/PIM Knowledge: Proven experience implementing or managing PAM solutions (e.g., vaulting, session recording, password rotation) and PIM principles (role elevation, time-bound access).

  • DevOps & Automation: Proficiency in scripting (Python, PowerShell, Bash) and Infrastructure as Code (Terraform, Ansible) to automate IAM deployments.

  • Troubleshooting: Ability to analyze HTTP headers, trace logs (Fiddler, Wireshark), and identity telemetry to resolve complex authentication flow issues

 Core Competencies

  • Builder Mindset: A strong preference for hands-on creation and a drive to see technical projects through to completion.

  • Strategic Execution: The ability to understand the broader business objective and translate it into a functional, secure technical reality.

  • Technical Rigour: A disciplined engineering approach that prioritises correct facts and industry standards over temporary workarounds.

Preferred Qualifications:

  • Certifications: Ping Identity Certified Professional (PingFederate/PingAccess), CISSP, CISM, or vendor-specific PAM certifications (e.g., CyberArk Defender).

  • Cloud Identity: Extensive experience with cloud identity providers (Azure AD/Entra ID) and securing workloads in AWS, Azure, or GCP.

  • Containerization: Experience deploying IAM solutions in Docker/Kubernetes environments.

Languages: Excellent written and oral communication skills in English. 

About you and Our core values

  • Taking ownership, working with integrity and respect

  • Being a team player is key to our culture

  • Solution and customer focused

  • Great initiative with the goal for excellence in achieving results

  • Dedicated to developing and always looking for continuous improvements

  • Be creative, be committed, be engaged and enjoy what you do

United Kingdom Package and benefits

  • Competitive Salary

  • Competitive vacation allowance

  • Calm app

  • WFH Allowance

  • Life Assurance

  • Private Medical Insurance

  • Cycle to Work Scheme

  • EAP

  • Eye Tests & Glasses Contribution

  • Simplyhealth Enhanced Health Plan

  • Pension Scheme

  • Give-As-You-Earn (GAYE)

  • Employee Referral Program

  • CloudPay NOW

  • Paid Volunteering days

  • Marriage Leave

  • Bereavement Leave

  • Vacation Purchase Plan

CloudPay is committed to being an equal opportunities employer. #LI-LN1 #LI-HIBRID #LI-REMOTE

The CloudPay culture is built upon on five core values, from which we develop our service, our technology and our business strategies. Our fundamental beliefs are a promise to our employees, customers and partners, built on the core values of professionalism, passion, empowerment, innovation, and teamwork.
Glassdoor

Engineering Manager Related jobs

Other jobs at Cloudpay

We help you get seen. Not ignored.

We help you get seen faster — by the right people.

🚀

Auto-Apply

We apply for you — automatically and instantly.

Save time, skip forms, and stay on top of every opportunity. Because you can't get seen if you're not in the race.

✨

AI Match Feedback

Know your real match before you apply.

Get a detailed AI assessment of your profile against each job posting. Because getting seen starts with passing the filters.

Upgrade to Premium. Apply smarter and get noticed.

Upgrade to Premium

Join thousands of professionals who got noticed and hired faster.