Engineer- Design work, Assist cloud migration

Job description

Tasks

• Head of the Identity-centric Workforce Security Solutions team for the development of authentication and access management solutions with Java, Python, .Net
• Drive automation development with scripts such as Python, PowerShell, Bash script
• Driving the development of identity solutions, access patterns, modern security protocols, zero-trust, least-privilege and defense-in-depth principles
• Review and provide feedback on identity and access management related security solutions proposed by stakeholders
• Advising partners and IT management on authentication and authorization
• In-depth knowledge and expertise in Spring Security, Microservices, Entra ID, Azure, AWS Security
• Knowledge of Okta, PingFederate, Entitlements Management solutions is preferred
• Strong knowledge of identity management in Azure AD with Oauth2, OIDC, SAML, SSO, MFA, Conditional Access Policies, Kerberos, Federations etc.
• Experience in providing security solutions for Java-based mobile microservices, React-based frontends and Android/IOS-based mobile applications on Azure
• Hands-on experience in JWT, session handling, code signing, certificate authentication, TLS/SSL, API security, application registration, application scenarios, etc.
• Awareness of API management, firewalls, DLP, VPNs, DNS, Azure Defender, MCAS, Sentinel, WAFs, Application Gateways, NSGs, App Proxy, Radius Cluster, CDN, etc.
• Good understanding of Cloud Infrastructure Entitlements Management Solution (CIEM) to ensure smooth remediation of toxic entitlements, high risk entitlements, etc.
• Understanding and application of threat modeling concepts and methodologies
• Understanding of application security, OWASP standards, security best practices, browser compatibilities/storage/cookies
• Acts as a workforce cybersecurity expert to assist in planning end-user computing, proxy solutions, MFA, SSO, conditional access, passwordless, Yubikey, biometric solutions, identity and governance scenarios, etc.
• Participation in solutions to support token OIDC, Oauth flows, authentication patterns, identity federation, cloud architectures, cryptography, cloud-native services, cloud security, etc.
• In-depth knowledge of cloud security areas such as policies, RBAC, activities, identities, privileged access management, etc.
• Ability to handle complex identity scenarios with practical experience

Requirements

• Deep knowledge of applications or infrastructure system architectures, typically with experience in multiple system technologies
• Excellent communication and negotiation skills and the ability to work effectively with clients

We offer

• A flexible and collaborative work culture in an organization where financial strength and stability are assets that encourage us to explore new ideas
• Movement within the organization is encouraged, senior leadership is accessible, and you can take pride in working for a company that is committed to supporting the communities we serve
• A working environment with a greater purpose
• Reasonable accommodation for people with disabilities