1

Forgerock Engineer Jobs (NOW HIRING)

ForgeRock IAM Engineer

$80K - $128K/yr

The ForgeRock AM (Access Management) Engineer is a specialized Identity and Access Management (IAM) professional responsible for designing, implementing, and maintaining secure access management ...

ForgeRock Identity Engineer / Architect Location: VA, NJ, TX, Atlanta, Colorado, Tampa About the Role Join a high-impact POD building a self-service federated SSO platform. You'll be the hands-on ...

Senior IAM Engineer - ForgeRock

$107K - $146K/yr

We are seeking a skilled ForgeRock Senior IAM Engineer to oversee the day-to-day administration, operational maintenance, and custom expansion of our Identity and Access Management platform. In this ...

Forgerock Developer Location: Salt Lake City, Utah Type: Contract To Hire Compensation: $0.00 Contractor Work Model: Onsite - onsite Hours: 40.0 Security Clearance: Not specified Overview Leave ...

ForgeRock Consultant

Foster City, CA

$15.75 - $21.50/hr

ForgeRock Consultant Location : Foster City, CA Type : Full Time Permanent Description 7-8 Years of ... Developer/Architect, work may require the person to lead a small team too for integrating with the ...

ForgeRock Consultant Location: Atlanta, GA Duration: Fulltime BGV will be done for the selected ... Developer Portals Sound experience implementing API Security and Access Control (OAuth/SAML etc ...

The ForgeRock Architect is responsible for supporting delivery and support of high-quality Identity ... Should be able to work independently as a Senior Developer/Consultant, work may require the person ...

The ForgeRock Architect is responsible for supporting delivery and support of high-quality Identity ... Should be able to work independently as a Senior Developer/Consultant, work may require the person ...

next page

Showing results 1-20

Forgerock Engineer information

What are ForgeRock Engineers?

ForgeRock Engineers are IT professionals who specialize in implementing, configuring, and maintaining ForgeRock's identity and access management (IAM) solutions. Their work involves integrating ForgeRock products such as Identity Gateway, Access Management, Directory Services, and Identity Management into an organization's infrastructure. They ensure secure authentication, authorization, and user management, often working closely with security teams to meet compliance and security requirements. ForgeRock Engineers also troubleshoot issues, perform upgrades, and help customize solutions to fit business needs.

What are some common challenges Forgerock Engineers face when integrating identity solutions with existing enterprise systems?

Forgerock Engineers often encounter challenges when integrating identity and access management platforms with legacy or heterogeneous enterprise systems. These challenges can include addressing compatibility issues, ensuring seamless user migration, and maintaining security compliance throughout the integration process. Close collaboration with infrastructure, security, and application teams is usually required to align technical requirements and minimize disruptions. Staying up to date with Forgerock's evolving tools and best practices also helps in overcoming integration hurdles efficiently.

What is the difference between Forgerock Engineer vs Forgerock Developer?

AspectForgerock EngineerForgerock Developer
Primary FocusImplementing and maintaining Forgerock identity solutions, system integration, and infrastructure setup.Developing, customizing, and scripting within Forgerock platforms to meet specific client needs.
Required SkillsKnowledge of Forgerock products, system administration, security protocols, and integration techniques.Proficiency in coding, scripting, and API development within Forgerock environments.
CertificationsForgerock certifications, security certifications, and related credentials.Forgerock certifications, programming certifications, and API development credentials.

While both roles work within the Forgerock ecosystem, Forgerock Engineers focus on deployment, configuration, and system integration, whereas Forgerock Developers concentrate on customizing and coding solutions within the platform. Both roles often collaborate but serve different technical needs in identity management projects.

What are the key skills and qualifications needed to thrive as a ForgeRock Engineer, and why are they important?

To thrive as a ForgeRock Engineer, you need expertise in identity and access management (IAM), knowledge of ForgeRock’s Identity Platform (including Access Management, Directory Services, and Identity Gateway), and often a degree in computer science or a related field. Familiarity with tools such as ForgeRock OpenAM, OpenIDM, LDAP, SAML, OAuth, and certifications like ForgeRock Certified Identity Management Specialist are highly valuable. Problem-solving abilities, strong communication, and a proactive approach to security issues are crucial soft skills in this role. These skills ensure the effective deployment, management, and troubleshooting of secure IAM solutions that protect organizational data and enable seamless user access.
More about Forgerock Engineer jobs
What cities are hiring for Forgerock Engineer jobs? Cities with the most Forgerock Engineer job openings:
What states have the most Forgerock Engineer jobs? States with the most job openings for Forgerock Engineer jobs include:
What job categories do people searching Forgerock Engineer jobs look for? The top searched job categories for Forgerock Engineer jobs are:
ForgeRock IAM Engineer

$80K - $128K/yr

Full-time

Posted 26 days ago


Peraton rating

8.2

Company rating: 8.2 out of 10

Based on 53 frontline employees who took The Breakroom Quiz

47th of 207 rated it services


Job description

Responsibilities
We are seeking a skilled ForgeRock IAM Engineer with strong experience in ForgeRock (PingOne Advanced Identity Cloud) to design, implement, and support secure access management solutions for a large federal environment. This role focuses on authentication, SSO, and Zero Trust security aligned with federal standards such as NIST and FedRAMP.
The ForgeRock AM (Access Management) Engineer is a specialized Identity and Access Management (IAM) professional responsible for designing, implementing, and maintaining secure access management solutions using the ForgeRock Identity Platform (now PingOne Advanced Identity Cloud). This role is integral to the U.S. Department of Education's Federal Student Aid (FSA) Federal IAM program - a mission-critical platform securing digital assets and managing identity for millions of students, institutions, and federal stakeholders.
The engineer focuses on delivering robust authentication, authorization, and Single Sign-On (SSO) strategies that align with federal security mandates including NIST SP 800-63, FICAM, FedRAMP, and Zero Trust Architecture (ZTA) principles. Working within an agile delivery environment, this role collaborates across engineering, security, architecture, and product teams to ensure the IAM platform remains secure, scalable, and compliant.
Key Responsibilities:
  • Design & Architecture: Translate business and security requirements into scalable IAM technical designs using ForgeRock/PingOne components - Access Management (AM/PingAM), Identity Management (IDM/PingIDM), Directory Services (DS/PingDS), and Identity Gateway (IG/PingGateway); lead design reviews, architecture workshops, and technical documentation.
  • Implementation & Integration: Install, configure, and integrate ForgeRock AM solutions with enterprise applications, cloud services (AWS, Azure, GCP), and legacy systems; develop and maintain REST API integrations and federation configurations across hybrid and multi-cloud environments.
  • Authentication & Authorization: Design and implement custom authentication trees/journeys, Multi-Factor Authentication (MFA) nodes, Risk-Based Authentication (RBA), and authorization policies to enforce secure, least-privilege user access; support phishing-resistant MFA including PIV/CAC card integration aligned with NIST Authenticator Assurance Levels (AAL1/AAL2/AAL3).
  • Identity Lifecycle Management: Oversee automated user provisioning, de-provisioning, and role-based access control (RBAC) and attribute-based access control (ABAC) workflows; integrate with HR systems, LDAP/Active Directory, and downstream applications to support full identity lifecycle governance.
  • Zero Trust Architecture Implementation: Implement Zero Trust principles per NIST SP 800-207 and federal Executive Order mandates; deploy authentication authority and authorization engines that enforce continuous verification across hybrid, multi-cloud environments.
  • Federation & SSO: Configure and maintain identity federation hubs integrating with third-party authentication sources, diverse user directories, and existing ICAM systems; enable standards-based SSO across agency boundaries and mission partner environments using SAML 2.0, OAuth 2.0, and OIDC.
  • Identity Governance & Administration (IGA): Streamline access request workflows, access reviews, and Segregation of Duties (SoD) enforcement to ensure correct permissions, prevent inappropriate access, and satisfy federal audit and compliance requirements.
  • Automation & Scripting: Build and maintain scripts (Java, Groovy, JavaScript, Python, or Shell) to automate routine operational tasks, optimize system performance, and support CI/CD pipeline integration for IAM configuration management.
  • Troubleshooting & L3 Support: Provide Level 3 support for identity-related incidents; perform root cause analysis, resolve complex platform issues, and ensure high system availability and uptime; serve as Subject Matter Expert (SME) for production escalations.
  • Compliance & Audit Support: Ensure IAM configurations meet federal regulatory requirements (FISMA, FedRAMP, NIST, FICAM, CMMC); support security audits, continuous monitoring, and audit-ready reporting; maintain alignment with DoD 8570/8140 baseline requirements where applicable.

Qualifications
Required Qualifications:
  • Bachelors degree and 5 years of experience or 9 years of experience and a HS diploma/equivalent
  • 5+ years of IAM engineering experience
  • Experience working with ForgeRock AM or PingOne
  • Hands-on experience with MFA, SSO, and federation solutions
  • Experience working in agile environments
  • ForgeRock/Ping: AM, IDM, DS, IG (or equivalents)
  • IAM Protocols: SAML 2.0, OAuth 2.0, OpenID Connect, JWT, LDAP, Kerberos, SCIM
  • Programming/Scripting: Java, Groovy, JavaScript, Python, or Shell
  • Directory Services: LDAP, Active Directory, Azure AD (Entra ID)
  • Cloud/DevOps: AWS, Azure, or GCP; Docker, Kubernetes, CI/CD, Git
  • Security: MFA, PKI, RBAC/ABAC, Zero Trust principles
  • Compliance: Familiarity with NIST 800-63, NIST 800-207, FedRAMP, FISMA
  • U.S. Citizenship required
  • Ability to obtain and maintain the required agency clearance

Preferred Qualifications:
  • Experience with IAM/IGA tools such as SailPoint, Saviynt, Okta, or CyberArk
  • Familiarity with PingFederate, PingAccess, or PingDirectory
  • Experience with PIV/CAC authentication and phishing-resistant MFA
  • SIEM integration and IAM monitoring experience
  • Prior federal government IAM experience (DoD, DHS, etc.)
  • Knowledge of post-quantum cryptography concepts
  • Agile/SAFe experience

Certifications (Preferred):
  • ForgeRock or Ping Identity certifications
  • CISSP, CISM, or CompTIA Security+
  • AWS or Azure security certifications

Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Target Salary Range
$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.
EEO
EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

What Peraton employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom


Peraton logo

About Peraton

Sourced by ZipRecruiter

At Peraton, we re at the forefront of delivering the next big thing every day. We re the partner of choice to help solve some of the world s most daunting challenges, delivering bold, new solutions to keep people around the world safer and more secure.

Industry

It services

Company size

10,000+ Employees

Headquarters location

Herndon, VA, US

Year founded

2017