CIAM Engineer

We are currently seeking a Customer IAM ( CIAM) Federation & SSO Engineer with deep level expertise in Azure federation services with prime
focus on Azure B2B and B2C as well as conditional access management.

A successful candidate will bring deep technical and software expertise, strong business acumen and judgment. Utilizing your experience with on-prem and Cloud IAM services you will work with the team to transition applications to Azure making use of Identity Federation protocols such as
SAML2, WS-Federation, Kerberos, OAuth2 and OpenID Connect (OIDC). You also must have experience and understanding of modern Identity &
Access Management concepts and best practice.

In addition to having strong technical skills, you must be comfortable in effectively communicating with business end users, technical IT teams,
business partners, network providers, and business process outsourced vendors, all while being sensitive to a wide diversity of cultural and technical
backgrounds in a global business environment.

Job Functions:

• Ability to enable application movement to modern authentication in the multi-cloud environment through use of SSO and Federation.
• Design, develop, deploy, integrate and support Single Sign On (SSO) using DevOps model for all types of devices.
• Develop, maintain, support and troubleshoot UMG’s in house and vendor applications hosted in Private/Public Clouds.
• Analyze Server side and client Side SSO logs to debug issues.
• Produce and implement enterprise-level designs for Azure authentication and on prem AD, as wells as Azure AD/B2B authentication for global initiatives.
• Lead steady state and continuous improvement efforts for Authentication technologies for globally diverse solutions.
• Coordinate between infrastructure, application, and threat monitoring teams to ensure the timely and successful delivery of solutions.
• Support the enterprise SSO platform(s) to enable a secure and enhanced authentication experience for enterprise/partners and end users.
• Knowledge and experience with information security, Authorization and Authentication systems, infrastructure and implementation techniques is a key component to this role.
• Maintain accurate documentation of processes for areas of responsibility.

Job Requirements:

Qualifications:

• 7+ years of experience in Federation space
• Strong experience with Azure B2C platform and IEF framework and Microsoft Graph APIs
• Strong experience implementing custom policies in Azure B2C platform
• Ability to customize the login screen/experience within Azure B2C
• Thorough knowledge and work experience on Azure Active Directory Federation Services and related authentication/authorization technologies
• Strong hands-on experience with industry standard SSO technologies and protocols (SAML, OAuth2.0, OpenID Connect, WS-Fed, FIDO, SCIM, LDAP, Kerberos, NTLM)
• Understanding of API design concepts, RESTful Services, and modern application interaction patterns
• Strong hands-on experience with securing APIs with OAuth 2.0 and other means.
• Experience in extending or integrating on premises AD with Azure based AD
• Expert Knowledge on Azure AD conditional access as well as Azure B2B/B2C
• Creating application configuration in Azure AD Federation and supporting SSO infrastructure including conditional access.
• Hands on experience on tools like SCOM, App Insight, Splunk etc.
• Experience in Windows PowerShell scripting
• Ability to utilize various programming or scripting languages such as Shell scripting, Perl, Python, JavaScript, HTML and PowerShell
• Familiarity with deployments and integration of IAM solutions within the cloud (Azure, AWS, GCP)
• Experience in deploying large-scale, global projects and programs
• Familiarity with IT security and risk management practices

Desirable:

• Bachelor’s Degree in Computer Science, Engineering, Network Security or related field.
• Demonstrated excellent technical writing skills.
• International experience beneficial; multiple language skills a plus