Authentication - Product Engineer / Cbsp

We're looking for an Authentication & SSO Engineer/Consultant who will:

Guide application teams, product owners and Engineers to identify Authentication pattern for their requirements and assist them to integrate with Central Authentication solutions.

Advise Authentication best practices including but not limited to MFA enforcement, Session Management, Efficient use of Authentication resources

Engineer solutions to meet the business requirement by following Organizational SDLC and Agile practices

Develop processes and controls to improve the operational stability and resiliency of the Cloud based and On-Prem Authentication services

Work with Engineering Manager and broader team to mature of the Cloud based and On-Prem Authentication solutions

Implement and manage necessary solutions to monitor the health of the systems

Maintain User documentation for the supported Authentication Pattern and associated Technical & operational documents for systems in-scope.

Act as subject matter expert during Incidents and troubleshoot issues to resolve them in a swift manner

Qualification

7+ years of hands-on experience working with Industry standard Cloud based Authentication Solution (For instance, Azure AD,

AzureADB2C, Okta, Ping) in large enterprise organizations, to protect applications and data in cloud and hybrid environments.

Familiar with Modern Authentication protocols – OAuth 2.0, OIDC, SAML, FIDO and industry standard Auth flows (e.g. PKCE, Authorization Code, Client Credentials, etc)

Experience with implementing Multi Factor Authentication and Risk/Conditional Access.

Experience in Cloud Authentication Governance and automation of onboarding & maintenance activities

Working knowledge of PowerShell, Jenkins and other devops tools to automate manual processes.

Knowledge on Active Directory Sites and services, DNS, DHCP

Knowledge on Microsoft PKI Technologies

Knowledge and understanding of Azure App Services, Application Insights, Azure Monitor, API Gateway – APIM, Azure AD App proxy.
Good communication skill.

Nice to have Skills

Experience with Azure AD and Azure AD B2C is a plus

Sound knowledge of Microsoft Graph API, MSAL and application integration experience using Java/.Net, Powershell, Javascript, etc.

Microsoft Azure Certificates is preferred (AZ-500 Microsoft Azure Security Technologies)

Development experience in Web - .NET/Java is a plus

Familiarity with web app security concepts such as – OWASP.