Title: Azure Federation SSO Engineer
Location: Woodland Hills, CA / Remote
Ekman Associates, Inc. is a management consulting firm that specializes in developing business, digital, and technology strategy, delivering solutions, and addressing human resource demands.
We are currently seeking an Azure Federation & SSO Engineer with expertise in Azure federation services including ADFS, Azure B2B and B2C integrations, and conditional access management.
A successful candidate will bring deep technical and software expertise, strong business acumen and judgment. Utilizing your experience with on-prem and Cloud IAM services you will work with the team to transition applications to Azure making use of Identity Federation protocols such as SAML2, WS-Federation, Kerberos, OAuth2 and OpenID Connect (OIDC). You also must have experience and understanding of modern Identity & Access Management (IAM) concepts and best practice.
- Azure experience with B2B and/or B2C integrations
- SSO experience, including SAML, O A uth 2 , etc .
- Ideal: Dev background who has made the transition to this area of expertise
- Fast learner
- Ability to enable application movement to modern authentication in the multi-cloud environment through use of SSO and Federation.
- Design, develop, deploy, integrate and support Single Sign On ( SSO) using DevOps model for all types of devices. Develop, maintain, support and troubleshoot in house and vendor applications hosted in Private/Public Clouds, Analyze Server side and client Side SSO logs to debug issues.
- Plan and develop security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure.
- Produce and implement enterprise-level designs for Azure authentication and on prem AD, as wells as Azure AD/B2B authentication for global initiatives.
- Collaborate with infrastructure and operations teams to provide architectural and technical guidance.
- Lead steady state and continuous improvement efforts for Authentication technologies for globally diverse solutions.
- Coordinate between infrastructure, application, and threat monitoring teams to ensure the timely and successful delivery of solutions.
- Provide engineering support for the Identity and Authentication team.
- Support the enterprise SSO platform to enable a secure and enhanced authentication experience for enterprise users.
- Knowledge and experience with information security, Authorization and Authentication systems, infrastructure and implementation techniques is a key component to this role.
- Maintain accurate documentation of processes for areas of responsibility.
- Bachelor's Degree in Computer Science, Engineering, Network Security or related field
- Demonstrated excellent technical writing skills and project/program management experience
- IT Certifications including Microsoft Certifications, CISSP, SANS, Security+, and ITIL v3 Foundation certifications
- International experience beneficial; multiple language skills a plus
- 5+ years of experience in Federation space
- Thorough knowledge and work experience on Azure Active Directory Federation Services and related authentication/authorization technologies
- Strong hands-on experience with industry standard SSO technologies and protocols (SAML, OAuth2.0, OpenID Connect, WS-Fed, FIDO, SCIM, LDAP, Kerberos, NTLM)
- Understanding of API design concepts, RESTful Services, and modern application interaction patterns
- Strong hands-on experience with securing APIs with OAuth 2.0 and other means.
- Experience in extending or integrating on premises AD with Azure based AD
- Expert Knowledge on Azure AD conditional access as well as Azure B2B
- Creating application configuration in Azure AD Federation and supporting SSO infrastructure including conditional access.
- Hands on experience on tools like SCOM, App Insight, Splunk etc.
- Experience in Windows PowerShell scripting
- Familiarity with deployments and integration of IAM solutions within the cloud (Azure, AWS, GCP)
- Experience in deploying large-scale, global projects and programs
- Familiarity with IT security and risk management practices
Qualified Candidates Only : If you wish to learn more about this opportunity and additional qualifications/responsibilities, please submit your resume. To learn more about Ekman Associates, Inc. please visit our website at www.ekmanassociates.com .