Principal Cyber Security Engineer – Identity Access Management (Ping Suite)
Memorial Sloan Kettering Cancer Center, New York, NY, United States
About Us
The people of Memorial Sloan Kettering Cancer Center (MSK) are united by a singular mission: ending cancer for life. Our specialized care teams provide personalized, compassionate, expert care to patients of all ages. Informed by basic research done at our Sloan Kettering Institute, scientists across MSK collaborate to conduct innovative translational and clinical research that is driving a revolution in our understanding of cancer as a disease and improving the ability to prevent, diagnose, and treat it. MSK is dedicated to training the next generation of scientists and clinicians, who go on to pursue our mission at MSK and around the globe.
Exciting Opportunity at MSK: Principal Cyber Security Engineer – Identity Access Management (IAM)
At MSK, this role serves as a senior technical authority for Identity and Access Management, shaping secure, scalable identity solutions that protect critical systems, users, and data. The Principal Cyber Security Engineer partners across the enterprise to design, implement, and evolve modern identity platforms supporting workforce and external identities.
Role Overview
Serve as a principal-level technical lead for enterprise Identity and Access Management (IAM) architecture and solutions
Design and implement secure authentication and authorization flows across workforce and external user populations
Lead enterprise-scale IAM initiatives leveraging modern federation and identity standards
Strong experience with PingFederate, PingID, PingOne Suite, including PingOne Protect, PingOne Verify and Davinci
Partner with security, application, and business stakeholders to align identity strategy with organizational needs
Provide hands‑on technical leadership for advanced identity platforms and integrations
Drive identity security improvements including MFA, risk‑based authentication, and adaptive access
Troubleshoot and resolve complex authentication, federation, and access issues across platforms
Influence IAM standards, best practices, and long‑term identity roadmap across the enterprise
Key Qualifications
Deep hands‑on experience with SAML, OAuth 2.0, OpenID Connect (OIDC), LDAP, SCIM, and Auth0
Proven experience delivering enterprise‑scale IAM implementations and migrations
Experience managing identity solutions for both workforce and external/consumer identities
Strong experience with PingOne Suite, including PingOne SSO, MFA, Protect, and Risk
Advanced experience with cloud identity architectures in Azure, AWS, and GCP
Strong JavaScript experience for custom identity logic, orchestration, and flow extensions
Core Skills
Ability to translate complex business requirements into secure, scalable identity solutions
Strong analytical and troubleshooting skills for browser‑based authentication and identity flows
Advanced use of JSON for APIs, identity payloads, and event‑driven integrations
Working knowledge of XML for federation metadata, policies, and configuration artifacts
Collaborative, influential mindset with the ability to lead through expertise and technical credibility
Working knowledge of programming languages (e.g., C#, Java, SQL)
Strong knowledge in managing Linux and Windows servers
Additional Information
Schedule: 9:00 AM – 5:00 PM EST, Monday - Friday
Location: Hybrid: 99% remote with flexibility to come to NYC as needed. Must live in commutable distance to NYC
Reporting To: Associate Director, Identity & Access Management
Pay Range: $152,400.00 - $251,600.00 FSLA Status: Exempt
Equal Opportunity Employment
MSK is an equal opportunity and affirmative action employer committed to diversity and inclusion in all aspects of recruiting and employment. All qualified individuals are encouraged to apply and will receive consideration without regard to race, color, gender, gender identity or expression, sexual orientation, national origin, age, religion, creed, disability, veteran status or any other factor which cannot lawfully be used as a basis for an employment decision.
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
#J-18808-Ljbffr
The people of Memorial Sloan Kettering Cancer Center (MSK) are united by a singular mission: ending cancer for life. Our specialized care teams provide personalized, compassionate, expert care to patients of all ages. Informed by basic research done at our Sloan Kettering Institute, scientists across MSK collaborate to conduct innovative translational and clinical research that is driving a revolution in our understanding of cancer as a disease and improving the ability to prevent, diagnose, and treat it. MSK is dedicated to training the next generation of scientists and clinicians, who go on to pursue our mission at MSK and around the globe.
Exciting Opportunity at MSK: Principal Cyber Security Engineer – Identity Access Management (IAM)
At MSK, this role serves as a senior technical authority for Identity and Access Management, shaping secure, scalable identity solutions that protect critical systems, users, and data. The Principal Cyber Security Engineer partners across the enterprise to design, implement, and evolve modern identity platforms supporting workforce and external identities.
Role Overview
Serve as a principal-level technical lead for enterprise Identity and Access Management (IAM) architecture and solutions
Design and implement secure authentication and authorization flows across workforce and external user populations
Lead enterprise-scale IAM initiatives leveraging modern federation and identity standards
Strong experience with PingFederate, PingID, PingOne Suite, including PingOne Protect, PingOne Verify and Davinci
Partner with security, application, and business stakeholders to align identity strategy with organizational needs
Provide hands‑on technical leadership for advanced identity platforms and integrations
Drive identity security improvements including MFA, risk‑based authentication, and adaptive access
Troubleshoot and resolve complex authentication, federation, and access issues across platforms
Influence IAM standards, best practices, and long‑term identity roadmap across the enterprise
Key Qualifications
Deep hands‑on experience with SAML, OAuth 2.0, OpenID Connect (OIDC), LDAP, SCIM, and Auth0
Proven experience delivering enterprise‑scale IAM implementations and migrations
Experience managing identity solutions for both workforce and external/consumer identities
Strong experience with PingOne Suite, including PingOne SSO, MFA, Protect, and Risk
Advanced experience with cloud identity architectures in Azure, AWS, and GCP
Strong JavaScript experience for custom identity logic, orchestration, and flow extensions
Core Skills
Ability to translate complex business requirements into secure, scalable identity solutions
Strong analytical and troubleshooting skills for browser‑based authentication and identity flows
Advanced use of JSON for APIs, identity payloads, and event‑driven integrations
Working knowledge of XML for federation metadata, policies, and configuration artifacts
Collaborative, influential mindset with the ability to lead through expertise and technical credibility
Working knowledge of programming languages (e.g., C#, Java, SQL)
Strong knowledge in managing Linux and Windows servers
Additional Information
Schedule: 9:00 AM – 5:00 PM EST, Monday - Friday
Location: Hybrid: 99% remote with flexibility to come to NYC as needed. Must live in commutable distance to NYC
Reporting To: Associate Director, Identity & Access Management
Pay Range: $152,400.00 - $251,600.00 FSLA Status: Exempt
Equal Opportunity Employment
MSK is an equal opportunity and affirmative action employer committed to diversity and inclusion in all aspects of recruiting and employment. All qualified individuals are encouraged to apply and will receive consideration without regard to race, color, gender, gender identity or expression, sexual orientation, national origin, age, religion, creed, disability, veteran status or any other factor which cannot lawfully be used as a basis for an employment decision.
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
#J-18808-Ljbffr