Engineer - IAM Federation & SSO

Ekman Associates, Inc. is a Southern California based company focused on the following services: Management Consulting, Professional Staffing Solutions, Executive Recruiting and Managed Services. Summary: We are currently seeking a Federation & SSO Engineer with deep level expertise in Azure federation services including ADFS, Azure B2B and B2C, and conditional access management. Key Experience:

• Federation & SSO
• Azure Federation Services

• Ability to enable application movement to modern authentication in the multi-cloud environment through use of SSO and Federation.
• Design, develop, deploy, integrate and support Single Sign On (SSO) using DevOps model for all types of devices. Develop, maintain, support and troubleshoot in house and vendor applications hosted in Private/Public Clouds, Analyze Server side and client Side SSO logs to debug issues.
• Plan and develop security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure.
• Produce and implement enterprise-level designs for Azure authentication and on prem AD, as well as Azure AD/B2B authentication for global initiatives.
• Collaborate with infrastructure and operations teams to provide architectural and technical guidance.
• Lead steady state and continuous improvement efforts for Authentication technologies for globally diverse solutions.
• Coordinate between infrastructure, application, and threat monitoring teams to ensure the timely and successful delivery of solutions.
• Provide engineering support for the Identity and Authentication team.
• Support the enterprise SSO platform to enable a secure and enhanced authentication experience for enterprise users.
• Knowledge and experience with information security, Authorization and Authentication systems, infrastructure and implementation techniques is a key component to this role.
• Maintain accurate documentation of processes for areas of responsibility.

• Bachelor s Degree in Computer Science, Engineering, Network Security or related field
• Demonstrated excellent technical writing skills and project/program management experience
• IT Certifications including Microsoft Certifications, CISSP, SANS, Security+, and ITIL v3 Foundation certifications

• 7+ years of experience in Federation space
• Thorough knowledge and work experience on Azure Active Directory Federation Services and related authentication/authorization technologies
• Strong hands-on experience with industry standard SSO technologies and protocols (SAML, OAuth2.0, OpenID Connect, WS-Fed, FIDO, SCIM, LDAP, Kerberos, NTLM)
• Understanding of API design concepts, RESTful Services, and modern application interaction patterns
• Strong hands-on experience with securing APIs with OAuth 2.0 and other means.
• Experience in extending or integrating on premises AD with Azure based AD
• Expert Knowledge on Azure AD conditional access as well as Azure B2B
• Creating application configuration in Azure AD Federation and supporting SSO infrastructure including conditional access.
• Hands on experience on tools like SCOM, App Insight, Splunk etc.
• Experience in Windows PowerShell scripting
• Ability to utilize various programming or scripting languages such as Shell scripting, Perl, Python, JavaScript, HTML and PowerShell
• Familiarity with deployments and integration of IAM solutions within the cloud (Azure, AWS, GCP)
• Experience in deploying large-scale, global projects and programs
• Familiarity with IT security and risk management practices