This hands-on engineering role will help drive adoption of single sign on throughout the enterprise. The engineer will work closely with internal applications to provide specifications for modern authentication protocols and help them leverage them. This role will meet with internal stakeholders to evangelize and promote the use of these centrally managed Identity services, promote best practices and advanced security controls with application owners and server support resources.
- Contributing to the success and delivery of the Single Sign On Program.
- Provide senior level engineering and design support.
- Help deliver a comprehensive Multi-factor authentication program utilizing conditional access to deliver a better user experience that reduces user authentications, increases security assurance, and lowers risk.
- Support critical services like VPN, PAM as the front door protection that provides authentication and authorization.
- Ongoing maintenance of the platform, server support, and troubleshooting. Design & Engineering of the solution.
- Troubleshoot SSO/MFA Issues from both a client and application perspective, create technical transition, and integration plans and execute them.
- Bachelor’s degree in Technology (Computer Science, Computer Engineering etc.).
- 3 years+ of experience in Security or Identity & Access Management.
- Willingness to learn Microsoft Azure Single Sign On / MFA at a deep technical level.
- Good Project Management, inter-personal & communications skills, and the ability to adapt to change, move fast, take charge, and work with ambiguity. Positive and enthusiastic attitude.
- Good understanding of Security Architecture and Application Design and Integration.
- Experience supporting a service, creating run books, and 24/7 uptime and support.
- Scripting experience in PowerShell or a similar language.
- Knowledge of firewalls, Load Balancers, and port/protocols involved with connectivity.
- Ability to troubleshoot issues and interact with end user administrators and explain PKI.
- Can work independently with less supervision.
Preferred but Not Required
- Microsoft SSO Conditional Access, Risk Scoring, or similar Single Sign On experience.
- AWS/Azure Cloud authentication experience.
- Windows Hello for Business Facial Recognition and workstation authentication experience.
- Yubikey hardware token, or Fingerprint recognition implementation experience.
- Experience building out a new Security or Identity Service.
- Microsoft Active Directory Experience, especially with Windows 2016.
- Multiple Security Certifications (CISM, CISSP, CISA, CISM, CRISC, ITIL, PMP).
- PKI Experience related to Workstations or applications.