• Identity Engineer

    Job Locations
    US-CA-San Francisco | US-CA-San Francisco
    Information Security
  • Overview


    First Republic is an ultra-high-touch bank that provides extraordinary client service. We believe that one-on-one interactions build lasting relationships. We move quickly to serve our clients’ needs so that their financial transactions are handled with ease and efficiency. Client trust and security are paramount in our line of business. Ultimately, our goal is unsurpassed client satisfaction which will lead to personal referrals – our number one source of new business. We recognize that our competitive advantage starts with our people and our culture. At First Republic, we work hard and move quickly as a very coordinated team. If you are looking for an opportunity to grow and contribute in a fun, fast-paced environment, First Republic is the place for you. We have exceptional people focused on providing extraordinary service.


    We are looking for an Access Engineer to be a part of our team.  He/she will be responsible for driving the continued growth of our access management platform and extending its use across more applications.  The candidate must have excellent skills on various Access Management products - primarily with PingFederate. The candidate must have strong working knowledge of standard-based access management technologies and concepts.



    • Work with Access Management technologies such as PING, Active Directory, Radius based 2-factor.
    • Configure Federated SSO for enterprise internal and third party SaaS applications.
    • Responsible for the delivery of products and solutions for Single Sign-On via Ping Federate.
    • Owns the quality of the implementation and follows the changes through all lower environments through production.
    • Works closely with QA teams to ensure quality standards are being met.
    • Understands the solution and the domain/ industry well and acts as subject matter expert to be able to understand the customer's requirement.
    • If appropriate suggest alternatives to better the solution and alleviate the challenge/ issue being addressed.
    • Works with application teams to gather SSO requirements and build out a solution in non-production & production environments.
    • Responsible for performing unit testing on built and existing SAML assertions.
    • Responsible for coordinating application onboarding with end client contacts, client project managers and application owners.
    • Troubleshooting hardware and software experience both at the O/S level and the application level where required.
    • Work with vendors on supporting the platform and upgrade activities.
    • Maintenance of PingFed servers/ access software including performing upgrades, patches, and ensuring availability.
    • Helps to establish a multi-year technology roadmap for Access Management.
    • Participates in disaster recovery testing exercises. 
    • Responsibilities include the following:
      • Adhering to and complying with all applicable, federal and state laws, regulations and guidance, including those related to Anti-Money Laundering (i.e. Bank Secrecy Act, USA PATRIOT Act, etc.).
      • Adhering to Bank policies and procedures.
      • Completing required training.
      • Identifying and reporting potential suspicious activity to the BSA/AML Officer.
      • Knowing and verifying the identity of any customer(s) that enters into a relationship with the Bank.


    Critical features of this job are described under the items above. They may be subject to change at any time due to reasonable accommodation or other reasons. This job description reflects management’s assignment of essential functions; it does not prescribe or restrict the tasks that may be assigned. Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.


    • 5 years of experience on Access Management products/domain.
    • Experience in working with the single sign on protocols like SAML.
    • Wiliness to learn and grow within the Access Management space.
    • Familiarity with federation protocols such as SAML.
    • Good understanding of access management, federated identity, 2-factor solutions, and LDAP directories.
    • Good hands on experience in PingFederate or similar SSO solution a plus.
    • Experience in installing and maintaining the PingFederate across different environments.
    • Strong working knowledge of PingFederate Policy server, policy enforcement products/concepts.
    • Knowledge in Radius and other MFA protocols.
    • Working knowledge of SAML Federation & PingFederate.
    • Excellent troubleshooting skills with PingFederate.
    • Knowledge of Open ID Connect Policy, SAML, SOAP, WS-Security, OAuth.
    • Experience with operating systems (Windows Server, Linux/Unix) and application servers.
    • Experience in working with the Active directory.
    • Experience with HTTP Servers web/proxy rules configuration.
    • Excellent verbal and written communication skills required.
    • Advanced knowledge of systems engineering principles, methods, and techniques.
    • Good knowledge of Linux operating systems.
    • Team player.
    • Provides extraordinary service.
    • Furthers the First Republic Bank culture and values.




    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed