**Department: Customer Identity & Access Management (CIAM) Team** **About the Role:** The Home Depot is seeking a **Senior CIAM Engineer** to support the **THDCustomerIAM online identity platform** , ensuring seamless, secure, and scalable customer authentication and authorization experiences. This role will be a critical member of the CIAM team, working with **ForgeRock, Ping Identity** , and other cutting-edge identity solutions to drive intelligent access, journey orchestration, and low-code/no-code development. **Key Responsibilities** + **CIAM Development & Operations:** + Architect, develop, and optimize authentication (AuthN) and authorization (AuthZ) solutions using **ForgeRock and Ping Identity** platforms. + Design and implement **Intelligent Access** and low-code/no-code **IAM journey orchestration** for frictionless customer authentication and security. + Ensure high availability and performance of CIAM services, monitoring and improving system health. + **Identity Lifecycle & Security Enhancement:** + Enhance customer authentication flows with **adaptive authentication** , **risk-based access controls (RBAC)** , and **passwordless solutions** . + Support **OAuth 2.0, OpenID Connect (OIDC), SAML, and JWT** for secure API and application authentication. + Collaborate with security teams to maintain compliance with **NIST 800-63, GDPR, and CCPA** . + **Automation & DevOps in CIAM:** + Automate CIAM deployments using **CI/CD pipelines** , **Infrastructure as Code (IaC)** , and **APIs** for self-service identity provisioning. + Optimize DevOps processes to ensure continuous delivery, minimizing downtime and enhancing customer experience. + Troubleshoot and resolve **IAM incidents** and performance issues. + **Cross-Functional Collaboration & Governance:** + Work closely with security, engineering, and product teams to align CIAM with **business needs and security policies** . + Drive **IAM best practices** , documentation, and governance models to ensure compliance and scalability. + Support audit, risk assessment, and fraud prevention efforts related to identity security. **Required Qualifications & Experience:** + **5+ years of experience in CIAM engineering** , with expertise in **ForgeRock (AM, IDM, DS) and/or Ping Identity (PingOne, PingFederate, PingAccess)** . + Strong experience with **authentication and authorization frameworks** : OAuth 2.0, OIDC, SAML, MFA, and adaptive authentication. + Hands-on experience with **low-code/no-code IAM orchestration tools** , such as ForgeRock **Intelligent Access** or Ping Identity's **Journey Orchestration** . + Proficiency in **DevOps principles** , CI/CD pipelines, automation, and cloud-native IAM solutions. + Experience working with **high-scale, customer-facing identity platforms** in large enterprises or similar companies. + Knowledge of **fraud detection, risk-based authentication (RBA), identity proofing, and compliance (NIST, GDPR, CCPA)** . + Strong scripting and development skills (e.g., JavaScript, Python, Groovy, JSON, REST APIs). + Exceptional problem-solving skills, ability to work in **agile environments** , and strong communication abilities. **Preferred Qualifications:** + Experience with **AI/ML-based fraud detection and identity verification** . + Knowledge of **Cloud IAM (Azure AD, Google Identity)** . + Familiarity with **zero-trust security models** and **passwordless authentication** Protecting what matters most to our associates and consumers by securing our sensitive data and critical assets from current and emerging threats. At The home Depot, Cybersecurity consists of Architecture, Governance, Identity & Access Management, Internal Threat Operations, Issue and Compliance Management, Risk Assessment/Advisory, Security Consulting, Security Operations, Service Optimization and Strategic Planning. **Key Responsibilities:** + 100% Deliver Execution, Plans & Align, Problem Solving - Design automation workflows and capabilities in support of data collection, investigation and incident response Develop threat hunting and data analysis strategy and capabilities Identify and propose new technologies, methodologies and/or approaches to detecting malicious activity Utilize indicators to scope and respond proactively to emerging threats Design, build, configure, maintain and monitor cybersecurity threat defense capabilities and user access management **Direct Manager/Direct Reports:** + This Position typically reports to Manager or Sr. Manager + This Position has 0 Direct Reports **Travel Requirements:** + No travel required. **Physical Requirements:** + Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles. **Working Conditions:** + Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable. **Minimum Qualifications:** + Must be eighteen years of age or older. + Must be legally permitted to work in the United States. **Minimum Education:** + The knowledge, skills and abilities typically acquired through the completion of a high school diploma and/or GED. **Minimum Years of Work Experience:** + 3 **Competencies:** + Action Oriented + Collaborates + Communicates Effectively + Customer Focus + Drives Results We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class. - $125,000.00 - $160,000.00