Overview
Skills
Job Details
Job Title: SSO Engineer (OIDC, SAML2, Duo MFA)
Duration: 3 Months
Location: Hybrid New York, NY
Overview:
An organization is seeking an experienced SSO Engineer to join their Identity Solutions team. The engineer will be responsible for configuring Single Sign-On (SSO) and Multi-Factor Authentication (MFA) using a central Identity Provider (IdP). This role involves close collaboration with application owners and vendors to enable secure authentication and manage application-specific attribute requirements.
Key Responsibilities:
Configure and support central Shibboleth (SAML2) Identity Provider for client applications
Set up OpenID Connect (OIDC) integrations via WSO2 Identity Server
Provide and manage application-specific attributes; perform mapping, re-mapping, and adjustments using regular expressions
Configure Microsoft Entra ID (formerly Azure AD) as an Identity Provider (SAML2 or OIDC) for application integration
Assist in migrating applications from Shibboleth and OIDC to the Entra ID SSO ecosystem
Develop and maintain detailed system documentation, including installation, configuration, and troubleshooting guides
Support identity federation, SSO, and MFA implementations involving SAML2, OIDC/OAuth2, REFEDS, Cirrus Identity Proxy/Bridge, and other federation technologies
Troubleshoot complex identity-related issues and deliver secure, scalable solutions
Work collaboratively across IT teams to support enterprise-wide access management initiatives
Required Qualifications:
5+ years of experience with SSO technologies such as Shibboleth (SAML2), OpenID Connect (OIDC), and Microsoft Entra ID
Hands-on experience configuring SSO/MFA for enterprise applications
Strong understanding of identity federation and MFA frameworks
Proficient in attribute mapping, regex transformations, and directory integrations
Experience with WSO2 Identity Server and/or similar platforms
Strong analytical and troubleshooting skills
Excellent communication and team collaboration abilities