About this job opportunity
Our Vision
To be the world's most trusted global payroll partner, simplifying pay for all employees.
Our Mission
Empowering global workforces with seamless, compliant, and innovative payroll and payment solutions, enabling businesses to thrive in a connected world.
Our People
Our fundamental beliefs at CloudPay are built on core values of professionalism, passion, empowerment, innovation, and teamwork. We value our employees and strive to create a great workplace where everyone is valued, heard, inspired, and encouraged to bring their authentic selves to work. We're committed to providing an excellent employee experience through fulfilling projects, empowerment to make a difference, and an environment that inspires innovation.
What makes this role exciting
This role balances high-level architectural vision with deep, hands-on technical execution. This is a critical role responsible for the end-to-end implementation of our Identity modernisation roadmap. The role will be expected to design the "big box" strategy and personally execute the configuration, integration, and deployment of our Identity fabric.
The role will lead our transition to a Zero Trust architecture by building and scaling the infrastructure that integrates IGA, PAM, and PIM with our PingIdentity ecosystem. This role is for a technical leader who delivers results through direct engineering contribution and technical mentorship.
Main responsibilities:
Hands-On Engineering & Implementation
Deployment & Configuration: Lead the installation, fine-tuning, and maintenance of the PingIdentity suite, including PingFederate, PingDirectory, and PingAccess.
Fabric Integration: Personally develop the technical connectors and workflows between authentication layers and our IGA and PAM/PIM platforms.
Infrastructure as Code: Build and manage identity infrastructure using Terraform or Ansible, ensuring all configurations are automated and version-controlled.
CIAM Build: Engineer scalable customer identity journeys that resolve complex federated access requirements while maintaining a seamless user experience.
Technical Leadership & Mentorship
Standard Setting: Define the technical standards for the identity team by producing high-quality code, rigorous documentation, and robust architectural patterns.
Advanced Troubleshooting: Act as the primary escalation point for the most complex technical failures, performing deep-dive analysis of protocol exchanges (SAML, OIDC, OAuth2).
Mentorship: Provide structured technical guidance to junior and mid-level engineers, upskilling the team through peer reviews and collaborative problem-solving.
Stakeholder engagement: Excellent collaboration and communication skills. Ability to influence stakeholders across multiple teams and levels.
Experience needed for this role:
Experience: Solid hands-on engineering experience in IAM
PingIdentity Mastery: Extensive hands-on experience deploying and managing PingFederate (SAML/OAuth/OIDC configurations), PingDirectory, and PingAccess (WAM/API security).
Identity Modernisation: A proven track record of executing the migration of legacy identity systems to modern, claims-based architectures.
Tooling & Governance: Direct experience configuring and integrating IGA tools (e.g. SailPoint, Saviynt) and PAM/PIM solutions to enforce the principle of least privilege.
Protocol Expertise: Expert-level capability in debugging and configuring SAML, OIDC, OAuth2, and SCIM workflows.
Core IAM Concepts: Strong understanding of RBAC, ABAC, Zero Trust architecture, and Directory Services (LDAP, Active Directory, Azure AD/Entra ID).
PAM/PIM Knowledge: Proven experience implementing or managing PAM solutions (e.g., vaulting, session recording, password rotation) and PIM principles (role elevation, time-bound access).
DevOps & Automation: Proficiency in scripting (Python, PowerShell, Bash) and Infrastructure as Code (Terraform, Ansible) to automate IAM deployments.
Troubleshooting: Ability to analyze HTTP headers, trace logs (Fiddler, Wireshark), and identity telemetry to resolve complex authentication flow issues
Core Competencies
Builder Mindset: A strong preference for hands-on creation and a drive to see technical projects through to completion.
Strategic Execution: The ability to understand the broader business objective and translate it into a functional, secure technical reality.
Technical Rigour: A disciplined engineering approach that prioritises correct facts and industry standards over temporary workarounds.
Preferred Qualifications:
Certifications: Ping Identity Certified Professional (PingFederate/PingAccess), CISSP, CISM, or vendor-specific PAM certifications (e.g., CyberArk Defender).
Cloud Identity: Extensive experience with cloud identity providers (Azure AD/Entra ID) and securing workloads in AWS, Azure, or GCP.
Containerization: Experience deploying IAM solutions in Docker/Kubernetes environments.
Languages: Excellent written and oral communication skills in English.
About you and Our core values
Taking ownership, working with integrity and respect
Being a team player is key to our culture
Solution and customer focused
Great initiative with the goal for excellence in achieving results
Dedicated to developing and always looking for continuous improvements
Be creative, be committed, be engaged and enjoy what you do
United Kingdom Package and benefits
Competitive Salary
Competitive vacation allowance
Calm app
WFH Allowance
Life Assurance
Private Medical Insurance
Cycle to Work Scheme
EAP
Eye Tests & Glasses Contribution
Simplyhealth Enhanced Health Plan
Pension Scheme
Give-As-You-Earn (GAYE)
Employee Referral Program
CloudPay NOW
Paid Volunteering days
Marriage Leave
Bereavement Leave
Vacation Purchase Plan
CloudPay is committed to being an equal opportunities employer. #LI-LN1 #LI-HIBRID #LI-REMOTE
The CloudPay culture is built upon on five core values, from which we develop our service, our technology and our business strategies. Our fundamental beliefs are a promise to our employees, customers and partners, built on the core values of professionalism, passion, empowerment, innovation, and teamwork.
Glassdoor