1

Forgerock Architect Jobs (NOW HIRING)

Position Overview We are seeking an experienced IAM Architect / Subject Matter Expert (SME ... The ideal candidate will have strong hands-on experience with ForgeRock IDM , deep understanding of ...

Position Overview We are seeking an experienced IAM Architect / Subject Matter Expert (SME ... The ideal candidate will have strong hands-on experience with ForgeRock IDM , deep understanding of ...

We are looking for an expert IAM consultant - preferably using Forgerock! * 5+ years of Identity and Access Management (IAM) experience * Experience migrating IAM stacks * Experience as IAM architect ...

Provide subject matter expertise surrounding the various security controls (MFA, Device Binding, Session Control) within ForgeRock\Ping platform. Work with application domain architects to design ...

What You'll Do • Responsible for the architecture and design of new features/capabilities Scotiabank is looking to introduce into the IAM platform (ForgeRock / Ping / PingOne Advanced Identity ...

Expertise in IAM platforms (Okta, SailPoint, Ping, ForgeRock), PAM solutions (CyberArk, BeyondTrust ... Architect IAM for engineering design workflows, integrating with EDA tools (Cadence, Synopsys ...

Expertise in IAM platforms (Okta, SailPoint, Ping, ForgeRock), PAM solutions (CyberArk, BeyondTrust ... Architect IAM for engineering design workflows, integrating with EDA tools (Cadence, Synopsys ...

IAM Architect/Lead

Plano, TX · On-site

$53 - $72.50/hr

Lead the design and architecture of IAM systems including SSO, MFA, provisioning, directory ... Experience in Amazon Web Services ,ForgeRock and OKTA implementation on SAAS * Experience with ...

IAM Architect Location: Charlotte, NC / Dallas, TX (Hybrid) We are seeking a highly experienced ... Deep experience with IAM platforms like SailPoint, Okta, One Identity, Ping Identity, ForgeRock ...

Azure Cloud Architect

Howell, NJ · On-site

$65.25 - $83/hr

Cloud Architect Hands-on Cloud Architect to lead the Cloud Migration architecture, design ... ForgeRock, Gateways, WAFs, Load balancers, message, event and other communication components Data ...

IAM Architect / Lead - Plano, TX

Murphy, TX · On-site

$52.75 - $72.50/hr

IAM Architect/Lead Location: Plano, TX - Onsite Duration: 12+ Months Consultant needs to be local ... Experience in Amazon Web Services ,ForgeRock and OKTA implementation on SAAS * Experience with ...

IAM Architect Location: Charlotte, NC / Dallas, TX (Hybrid) We are seeking a highly experienced ... Deep experience with IAM platforms like SailPoint, Okta, One Identity, Ping Identity, ForgeRock ...

Azure Cloud Architect

Boston, MA · On-site

$110K - $120K/yr

Azure Cloud Architect Location: Boston, MA/ Princeton, NJ (Day 1 Onsite) Job Type: Fulltime Salary ... and ForgeRock, Gateways, WAFs, Load balancers, message, event and other communication components.

next page

Showing results 1-20

Forgerock Architect information

See salary details

$10

$61

$105

How much do forgerock architect jobs pay per hour?

As of Jul 1, 2026, the average hourly pay for forgerock architect in the United States is $61.25, according to ZipRecruiter salary data. Most workers in this role earn between $42.07 and $75.24 per hour, depending on experience, location, and employer.

How does a ForgeRock Architect typically collaborate with cross-functional teams during identity and access management (IAM) projects?

A ForgeRock Architect works closely with security, development, operations, and business teams to design and implement IAM solutions tailored to organizational needs. They often facilitate workshops to gather requirements, create technical blueprints, and ensure seamless integration with existing IT systems. Collaboration includes mentoring developers on ForgeRock best practices, coordinating with project managers to meet deadlines, and communicating with stakeholders to align technical solutions with business objectives. This role requires strong interpersonal skills to navigate the complexities of cross-departmental projects and ensure successful outcomes.

What is the difference between Forgerock Architect vs Forgerock Developer?

AspectForgerock ArchitectForgerock Developer
Primary RoleDesigns and oversees the implementation of ForgeRock identity solutionsDevelops and codes ForgeRock modules and integrations
Required SkillsArchitecture, system design, project managementProgramming, scripting, technical troubleshooting
CertificationsForgeRock certifications, architecture credentialsForgeRock developer certifications
Work EnvironmentProject planning, client interaction, high-level designCode development, testing, debugging

The Forgerock Architect focuses on designing and planning ForgeRock solutions, ensuring they meet client needs, while the Forgerock Developer implements these designs through coding and technical development. Both roles require ForgeRock certifications but differ in scope and responsibilities.

What is a ForgeRock Architect?

A ForgeRock Architect is an IT professional who specializes in designing and implementing identity and access management (IAM) solutions using ForgeRock products. They are responsible for planning system architecture, integrating ForgeRock Identity Platform components, and ensuring security and scalability. Their expertise includes understanding authentication, authorization, user provisioning, and directory services. ForgeRock Architects often collaborate with stakeholders to tailor solutions that meet business and regulatory requirements.

What are the key skills and qualifications needed to thrive as a ForgeRock Architect, and why are they important?

To thrive as a ForgeRock Architect, you need deep expertise in identity and access management (IAM), strong knowledge of ForgeRock suite (such as Identity Management and Access Management), and relevant experience in solution architecture. Familiarity with tools like ForgeRock Directory Services, scripting languages, and cloud platforms, along with certifications like ForgeRock Certified Access Management Specialist, is highly valuable. Excellent problem-solving, stakeholder communication, and project leadership skills help you design and implement secure, scalable IAM solutions. These competencies ensure robust security, seamless user experiences, and the successful delivery of complex identity projects.
More about Forgerock Architect jobs
What cities are hiring for Forgerock Architect jobs? Cities with the most Forgerock Architect job openings:
What states have the most Forgerock Architect jobs? States with the most job openings for Forgerock Architect jobs include:
What job categories do people searching Forgerock Architect jobs look for? The top searched job categories for Forgerock Architect jobs are:
Infographic showing various Forgerock Architect job openings in the United States as of June 2026, with employment types broken down into 100% Full Time. Highlights an 77% Physical, 3% Hybrid, and 20% Remote job distribution, with an average salary of $127,392 per year, or $61.2 per hour.
ForgeRock Identity Gateway (IG)/PingGateway, Engineer

ForgeRock Identity Gateway (IG)/PingGateway, Engineer

Peraton

Remote

$80K - $128K/yr

Full-time

Posted 23 days ago


Key responsibilities

  • Design, configure, and maintain PingGateway (ForgeRock IG) as an identity-aware reverse proxy to secure applications, APIs, and microservices.

  • Develop and maintain gateway route configurations, policies, and scripts for identity and access enforcement, request/response transformation, and credential handling.

  • Deploy, monitor, and troubleshoot PingGateway in containerized environments, ensuring compliance with federal security standards and high availability.


Peraton rating

8.2

Company rating: 8.2 out of 10

Based on 53 frontline employees who took The Breakroom Quiz

47th of 207 rated it services


Job description

Responsibilities
We are seeking a ForgeRock Identity Gateway (IG)/PingGateway, Engineer to support a federal Identity and Access Management (IAM) program for the U.S. Department of Education Federal Student Aid (FSA). This role is responsible for designing and operating identity-aware reverse proxy and gateway solutions that secure applications, APIs, and microservices across a Zero Trust architecture. The engineer will serve as a key Policy Enforcement Point (PEP) architect, ensuring consistent identity and access control enforcement across legacy, cloud, and hybrid systems in alignment with federal security standards such as NIST, FICAM, FedRAMP, and Zero Trust principles.
Key Responsibilities:
Identity Gateway & Reverse Proxy Engineering
  • Design, configure, and maintain PingGateway (ForgeRock IG) as an identity-aware reverse proxy
  • Manage HTTP/S traffic routing, TLS termination, and load balancer integrations
  • Enforce identity and access policies at the network edge

Policy & Route Development
  • Develop and maintain JSON-based route configurations and gateway policies
  • Implement filters, handlers, and scripts for request/response transformation
  • Support credential replay, token injections, and header manipulation for legacy apps

API & Microservices Security
  • Secure APIs using PingGateway microgateway capabilities
  • Implement OAuth 2.0 resource server patterns and token validation
  • Integrate with external authorization systems (e.g., PingAuthorize)

Authentication & Federation
  • Implement SSO, MFA, and federated identity flows
  • Configure OAuth 2.0, OpenID Connect (OIDC), and SAML integrations
  • Support migration of legacy identity protocols to PingOne Advanced Identity Cloud

Zero Trust Enforcement
  • Implement gateway-based Policy Enforcement Points (PEP) within a Zero Trust architecture
  • Enforce adaptive authentication and risk-based access controls

Scripting & Customization
  • Develop Groovy and JavaScript scripts for custom gateway behavior
  • Build custom authentication, token handling, and audit logging logic

Observability & Monitoring
  • Configure logging, metrics, and audit trails for gateway traffic
  • Integrate with enterprise SIEM and monitoring tools (e.g., Prometheus, OpenTelemetry)

DevOps & Deployment
  • Deploy PingGateway in Docker and Kubernetes environments
  • Support CI/CD pipelines and infrastructure-as-code practices
  • Work with hardened container environments for federal systems

Integration & Platform Support
  • Integrate PingGateway with ForgeRock components (AM, IDM, DS)
  • Support identity flows across hybrid and cloud environments

Troubleshooting & Support
  • Provide L3 support for production incidents
  • Perform root cause analysis and resolve complex identity and routing issues
  • Ensure high availability and performance of gateway services

Compliance & Security
  • Ensure compliance with FISMA, FedRAMP, NIST, and federal IAM standards
  • Support audits, security assessments, and continuous monitoring requirements
  • Participate in design reviews and agile ceremonies

Qualifications
Required Qualifications:
  • Bachelor's degree and 5 years of experience or 9 years with a HS diploma/equivalent
  • 5+ years in Identity and Access Management (IAM)
  • Hands-on experience with ForgeRock IG / PingGateway or similar API gateway/IAM reverse proxy solutions
  • Experience in enterprise or federal environments
  • Experience working in Agile/Scrum teams
  • ForgeRock IG / PingGateway (route configuration, scripting, policy design) experience
  • Familiarity in OAuth 2.0, OpenID Connect, SAML 2.0, JWT, LDAP
  • Groovy and JavaScript scripting experience
  • Experience in REST APIs and microservices security
  • Familiarity in Kubernetes, Docker, and CI/CD pipelines
  • LDAP/Active Directory integration experience
  • Understanding of Zero Trust architecture (NIST SP 800-207)
  • Familiarity with cloud platforms (AWS, Azure, or GCP)
  • U.S. Citizenship required
  • Must be able to obtain and maintain the required agency clearance

Preferred Qualifications:
  • ForgeRock or Ping Identity certifications
  • CISSP, Security+, or similar cybersecurity certifications
  • Experience with PingAuthorize or externalized authorization models
  • Experience with federal IAM programs (FSA, DHS, DoD, etc.)
  • Knowledge of observability tools (Prometheus, OpenTelemetry)
  • Experience with SailPoint, Okta, or CyberArk
  • Familiarity with advanced security topics (mTLS, FAPI, PKI, or post-quantum crypto)
  • Agile/SAFe certifications

Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Target Salary Range
$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
EEO
EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

What Peraton employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Peraton logo

About Peraton

Sourced by ZipRecruiter

At Peraton, we re at the forefront of delivering the next big thing every day. We re the partner of choice to help solve some of the world s most daunting challenges, delivering bold, new solutions to keep people around the world safer and more secure.

Industry

It services

Company size

10,000+ Employees

Headquarters location

Herndon, VA, US

Year founded

2017