Job Summary
We’re looking for a dynamic and highly motivated Sr. IAM SSO Engineer seeking a position with the global leader in commercial real estate services. This position is within our Global Cyber Security Office with a focus on designing, implementing, and maintaining the global deployment of Single Sign-On (SSO) federation as well as Directory Services solutions within the Identity Access Management Program.
Responsibilities
- Responsible for engineering SSO solutions working closely with application teams, vendors, business leaders, and product managers.
- Provide L3 technical support for critical Directory Services problems as needed.
- Design, implement, and support both legacy and modern enterprise token-based authentication technologies (e.g. Kerberos, SAML 2.0, WS-Federation, OAuth, OpenID Connect).
- Manage ADFS, Azure AD, and Okta federation platforms (B2E, B2B, & B2C).
- Manage and support Multi-Factor Authentication (MFA) within Azure AD or Okta.
- Design, manage, and implement Conditional Access Policies within Azure AD
Experience
- 7-10 years Enterprise experience with supporting Directory Services (e.g. Okta, PingOne, Active Directory – AD, Azure Active Directory – AAD, ADFS 2.0, 2012 R2, 2016, 2019)
- Subject matter expert support SSO federation protocols (SAML 2.0, WS-Federation, OAuth 2.0, OIDC).
- Ability to troubleshoot Directory Services and SSO issues leveraging tools such as session tracing.
- Ability to manage multiple priorities.
- Intermediate to advanced knowledge of scripting languages such as PowerShell.
Qualifications
- Must have a Bachelor of Science in Computer Science or related field of study or equivalent work experience. Requires technical and business knowledge in multiple disciplines/processes.
- Typically has 7 – 10 years of relevant work experience.
- Industry related certifications preferred.