Lead IAM Engineer

Role Value Proposition :

We are looking for an exceptional lead engineer with specialized focus on implementation and management of modern authentication access management tools.

You will be a SME & critical member of the Authentication Services engineering team that owns and manages Customer IAM (CIAM) services across on-prem and in cloud. Presenting an opportunity to implement innovative identity solutions using modern authentication, cloud based IDP, ID verification and directory technologies.

As a global company, you will collaborate with cross-functional teams including security, IT and business units across US, LATAM, EMEA and APAC regions to lead, drive and deliver global CIAM solutions. Working hours for this role are aligned to US EST time zone.

Key Responsibilities :

Lead CIAM engineering initiatives across hybrid cloud environments supporting millions of customer identities.

Work closely with IAM Architect to solution design and publish new CIAM Patterns

Design and implement customer-facing identity flows including registration, login, MFA, and account recovery.

Administration and Management of LDAP directories within CIAM portfolio. Implement proper security controls and policies (Schema, Password policies, ACI, Encryption, TLS)

Provide domain expertise in Authentication / Directory services, consult global IT teams and business units on new integrations and best practice

Support CIAM tech stack integration with web and mobile applications using SAML, OAuth, and OpenID Connect protocols.

Implement fraud detection and mitigation strategies using ID proofing services

Conduct CIAM platform upgrades, patching, and performance tuning to ensure high availability and scalability.

Provide leadership in level 3 support, troubleshooting and perform RCA

Showcase operational excellence, planning & ability to drive large scale projects

Implement CIAM analytics and monitoring using tools like Splunk and Elastic to track authentication trends and anomalies

Provided mentorship and technical leadership to other team members

Develop and maintain CIAM architecture documentation, runbooks, and operational playbooks.

Undergo regular security audits, identity lifecycle management, and compliance assessments to ensure adherence to global standards such as GDPR, PCI, etc.

Essential Business Experience and Technical Skills :

Required Skills :

6 - 8+ years of strong experience in designing and implementing LDAP directory services (like Ping Directory, OUD, ADLDS, Tivoli, CA Directory)

3 - 5+ years of strong experience in designing and implementing data sync solutions (PingDataSync or using scripts)

3+ years of experience with tools like SiteMinder, Ping Federate, Ping Access, Ping One with hands-on knowledge of SAML 2.0, OAuth, OpenID Connect, SSO, Web Access Management, Cloud Security, API Security.

Experience implementing fraud detection and mitigation strategies during identity onboarding and verification using ID proofing services (e.g., IDDataWeb, 1Kosmos, ID.me, LexisNexis) into CIAM workflows

Self-starter attitude, ability to drive efforts to closure. Possess good verbal and written communication skills with focused attention to detail.

Preferred :

Strong knowledge in Ping Directory, Ping DataSync, Ping Directory Proxy, Ping Federate, Ping Access

Experience implementing ID Proofing services

Strategic thinking with the ability to lead large-scale IAM initiatives

Solid understanding of cloud security frameworks and zero-trust architecture

Agile and DevSecOps experience

Ping Identity Certification is a plus

At MetLife, we're leading the global transformation of an industry we've long defined. United in purpose, diverse in perspective, we're dedicated to making a difference in the lives of our customers.

Equal Employment Opportunity / Disability / Veterans

If you need an accommodation due to a disability, please email us at accommodations@metlife.com. This information will be held in confidence and used only to determine an appropriate accommodation for the application process.

MetLife maintains a drug-free workplace.