Lead ForgeRock Engineer

ForgeRock Engineer

The ForgeRock/Ping Identity engineer is responsible for designing, implementing and maintaining identity access management (IAM) solutions. This role includes identifying opportunities for automation, driving the implementation of solutions to create value, and enhancing IAM and IGA capabilities. Key responsibilities include application onboarding, workflow automation, and access policy configuration.

Key Responsibilities:

• Implement SSO, MFA, identity federation and access governance
• Configure and integrate ForgeRock with other applications, directories, and systems as required
• Enhance current ForgeRock capabilities to align with industry best practices and standards
• Collaborate with key stakeholders to understand and translate business requirements into technical specifications for ForgeRock/Ping Identity
• Perform hands-on configuration and customization of the ForgeRock/Ping Identity platform to meet specific needs
• Document the design, configuration, and customizations made to the ForgeRock/Ping Identity platform
• Work closely with the IAM Architect, implementation partner and other team members to ensure seamless delivery of the IAM solution
• Work with application and security teams to troubleshoot provisioning, authentication and access-related issues
• Ensure compliance with security policies, audit requirements and industry standards
• Support audits by providing documentation, logs or reporting as needed

Technical Expertise:

• In-depth knowledge of ForgeRock/Ping Identity features and functionality
• Technical hands-on engineering experience with IGA capabilities including application onboarding, RBAC, access request configuration, access reviews and lifecycle events
• Familiarity with access management, access governance, SOD, attribute-based access control and role-based access control (RBAC) concepts
• Familiarity with SSO technologies (SAML, OIDC)
• Experience implementing SSO, MFA, identity federation and access governance
• Strong knowledge of ForgeRock/Ping Identity architecture, configurations, capabilities and workflows
• Experience with Identity Access Management and Identity Governance Administration best practices and industry standards
• Experience with Zero Trust security models
• Excellent problem-solving skills and the ability to troubleshoot technical issues effectively.
• Strong communication and interpersonal skills, with the ability to work collaboratively in a team environment.

Qualifications

• Bachelor's degree in a Computer Science, security, or related field (or equivalent experience)
• 5+ years in IAM or security engineering
• 3+ years of hands-on technical IAM engineering experience
• 2+ years of ForgeRock engineering experience
• 3+ years of experience with one or more of the following: JAVA, PowerShell, REST API integration, BeanShell & Database Technologies
• Experience with SailPoint is a plus
• Relevant certifications in ForgeRock/Ping Identity or IAM are highly desirable.

#LI-Hybrid

High school degree or equivalent required unless otherwise noted above

The job posting range is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the posted range, and the range may be modified in the future. An employee's pay position within the salary range will be based on several factors including, but limited to, relevant education, qualifications, certifications, experience, skills, performance, shift, travel requirements, sales or revenue-based metrics, and business or organizational needs and affordability.

This job is also eligible for variable pay.

We offer comprehensive package of benefits including paid time off, medical/dental/vision insurance, 401(k), and a suite of well-being benefits to eligible employees.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company's sole discretion, consistent with the law.

WHY Blue Cross Blue Shield of MA?

We understand that theconfidence gapandimposter syndromecan prevent amazing candidates coming our way, so please don't hesitate to apply. We'd love to hear from you. You might be just what we need for this role or possibly another one at Blue Cross Blue Shield of MA. The more voices we have represented and amplified in our business, the more we will all thrive, contribute, and be brilliant. We encourage you to bring us your true colors, , your perspectives, and your experiences. It's in our differences that we will remain relentless in our pursuit to transform healthcare for ALL.

As an employer, we are committed to investing in your development and providing the necessary resources to enable your success. Learn how we are dedicated to creating an inclusive and rewarding workplace that promotes excellence and provides opportunities for employees to forge their unique career path by visiting ourCompany Culturepage. If this sounds like something you'd like to be a part of, we'd love to hear from you. You can also join ourTalent Communityto stay "in the know" on all things Blue.

At Blue Cross Blue Shield of Massachusetts, we believe in wellness and that work/life balance is a key part of associate wellbeing. For more information on how we work and support that work/life balance visit our "How We Work" Page.