Architect - IAM

The Identity Access Management (IAM) Engineer will be the senior developer in the IAM organization and is responsible to solution and develop access management solutions in distributed OnPrem & Cloud infrastructure. Skilled in scripting and development using modern technologies. Works closely with enterprise architects to ensure adequate security solutions are in place to mitigate identified risks sufficiently, while meeting business objectives and regulatory requirements. Provides technical leadership and delivers complex projects.

This role is based out of Hyderabad, India and requires coming into the office.

• Provides subject matter expertise in Development, designing and building custom solutions hands-on that cater to business requirements following authentication standards and patterns.
• Responsible for leading end to end development and customizations for Authentication services team.
• Strong experience in Modern authentication protocols SAML, Open ID, OAUTH.
• Develop Associate/Consumer portals using technologies like Java, JSP, HTML, CSS, JavaScript, Angular and React.
• Responsible for Developing web pages using JSP and other UI Technologies like HTML, CSS, JavaScript, React which makes the application look better with extra features, more functionality and responsive to the device screens.
• Responsible for Developing backend microservices using Java and building Business logics which consumes third party services and provides SSO to the application.
• Develop and maintain APIs for integrating various systems and services, ensuring seamless data exchange and functionality across platforms.
• Design and implement automation solutions to streamline repetitive tasks, improving overall efficiency and reducing the potential for human error.
• Implement Test Automation Framework.
• Improvising exception handling and adding informative logs to the application which can be queried through Splunk and used in future investigation reports.
• Use Modern and standard technologies and principles in developing or fixing a solution.
• Document functional requirements, product features and specifications for programming
• Recommends Operational and process improvements based on efficiency and available technologies.
• Supporting across different modules of Web applications and, Utilization Management and workflow.
• Proactively report risks and provide mitigation plans to overcome risks. Implementation of RCA (Root Cause Analysis) outcomes/best practices in future releases.
• Work on SSO customizations, Workflows and SCIM connects.
• Work on building end to end CI/CD pipeline with automated processes.
• Build automated regression testcases.
• Work on the Databases creating new Store procedures and Functions in MS SQL Server, DB2 and MySQL.
• Log and track defects through to resolution.
• Provide estimates for test effort and Assist in UAT testing phase.
• Facilitate testing meetings, summarize results, issue/defect reporting, maintain metrics and provide go/no go recommendation.
• Adhere to Agile devsecops methodologies.
• Troubleshoot and resolve Okta-related authentication issues for both internal and external stakeholders.
• Work closely with security, development, and IT teams to ensure authentication mechanisms are effectively integrated and aligned with overall security strategies.
• Work with cross-functional teams to integrate Okta solutions into existing systems and applications.
• Provide level 3 production support to help diagnose and troubleshoot production issues.
• Provide technical guidance and support to clients and internal teams on Okta authentication features and best practices.
• Keep up-to-date with the latest advancements in authentication technologies, protocols, and Industry best practices, continuously enhancing the security posture of the organization.
• Document implementation processes, troubleshooting steps, and solutions for knowledge sharing.

Minimum Qualifications:

• BS/BA degree or equivalent experience
• 9+ years of experience in broader IAM technologies and cybersecurity practices
• 9+ years hands-on experience in implementing simple to complex SSO/MFA customization and connectors leveraging modern protocols and legacy header-based architectures.
• 4+ years in IAM including workforce and CIAM.
• 7+ years of development experience in Rest APIs, Java, J2EE, JavaScript, python, xml, Spring boot, Node js, html, CSS, angular and react js.
• 4+ years of experience with Linux and Windows platforms, middleware, Apache and load balancers
• 5+ years of experience in data security practices and procedures, including systems analysis, authentication technologies, and access controls.
• 4+ years working with Agile and DevOps tools and methodologies.
• Okta Certified Developer is a plus.

Preferred Qualifications:

• Extensive experience in solutioning, designing, and implementing authentication services.
• Broader IAM domain experience with a focus on information security.
• Strong hands-on development experience with Java, Node.js, React, Spring Boot, REST API, and JavaScript.
• Hands-on experience with JavaScript, Python, Ruby, PowerShell, or other scripting languages preferred.
• Experience in designing and implementing microservices architecture.
• Proficiency in building RESTful APIs using Java and Spring Boot.
• Deep technical expertise in solutioning and integrating B2B and B2C applications with CIAM.
• Strong expertise in designing solutions with standard IAM platforms like Okta and PingFederate to enable single sign-on services for both cloud and on-premises applications.
• Hands-on experience in building SSO solutions with various protocols like SAML, OAuth, OIDC, and headers-based applications and platforms, preferably Azure AD, Ping, and SiteMinder.
• Hands-on experience with security tools and platforms like Okta, Auth0, Azure AD, or similar IAM solutions.
• Experience with various authentication mechanisms such as multi-factor authentication (MFA), single sign-on (SSO), biometrics, and passwordless authentication.
• Understanding of securing APIs, including knowledge of API gateways, JWT (JSON Web Tokens), and secure coding practices.
• Strong hands-on experience in designing and architecting consumer identity and access management solutions.
• Strong understanding of the latest security principles like zero trust and passwordless authentication to implement new standards in the authentication model.
• Working knowledge of Okta Lifecycle Management and Administrative APIs.
• Experience with solutions like CyberArk, BeyondTrust, RSA, or comparable products.
• Excellent understanding of REST integration concepts.
• Hands-on experience with Azure services like Azure App Service, Azure Functions, Azure Kubernetes Service (AKS), and Azure DevOps.
• Knowledge of Azure Storage options (Blob, Table, Queue, File Storage).
• Knowledge of API gateways and service meshes.
• Experience in directory services like Oracle LDAP and AD.
• Knowledge of cryptographic algorithms and techniques, including symmetric and asymmetric encryption, hashing, digital signatures, and PKI (Public Key Infrastructure).
• Experience working with cloud-based authentication solutions (e.g., AWS Cognito, Azure AD, Okta).
• Experience building CI/CD pipelines in Azure or AWS.
• Experience in automating application deployment and building CI/CD pipelines using Ansible and Terraform.
• Experience with monitoring tools like Splunk, ELK, Prometheus, or similar tools.
• Strong experience with container technologies like Docker and Kubernetes.
• Experience with Linux and Windows platforms, middleware, Apache, and load balancers.
• Knowledge of network security principles and protocols, including TLS/SSL, firewalls, and VPNs.
• Experience developing workflows, custom connectors, and troubleshooting complex issues.
• Strong understanding of relevant security standards and regulations such as GDPR, HIPAA, PCI-DSS, and NIST.
• Experience in responding to and mitigating security incidents related to authentication breaches.
• Experience with Agile and DevOps tools and methodologies.
• Minimum Okta Certified Administrator; Okta Certified Consultant and/or Okta Certified Developer preferred.
• CISSP/CIAM certification is a plus.
• Experience with SiteMinder is preferred.

Non-Technical skills:

• Exceptional communication and interpersonal skills with the ability to influence and collaborate with diverse stakeholders.
• Deliver outcomes with a little supervision, must be a self-starter and self-motivator.
• Strong analytical, problem-solving, and decision-making skills, with the ability to manage complex and competing priorities.
• Strong project management and organizational skills, with the ability to deliver high-quality results.
• Ability to think strategically and suggest creative solutions.
• Ability to synthesize complex requirements into simple business practices.
• Flexible and able to adapt to changing priorities.