Architect- IAM /SSO

Overview The Identity Access Management (IAM) Engineer will be the senior technical engineer in the IAM organization and is responsible to design, Implement and support access management solutions in distributed OnPrem & Cloud infrastructure. Skilled in troubleshooting complex technical issues.Provides technical expertise and delivers complex projects. Must have strong development and customization experience. This role is based out of Hyderabad, India and requires coming into the office. Responsibilities Provides strong technical expertise in designing, solutioning and implementing access management requirements. Ensure seamless user authentication experiences across applications and platforms. Solution and implement customer identity access management solutions with hands-on experience in leading CIAM platforms such as Okta, Auth0, or ForgeRock. Provide required knowledge and expertise to assist with the technical approach for the shared operational capabilities of CIAM, including user registration, self-service, authentication, authorization, administration, audit, and reporting. Integrate applications with modern protocols like OAUTH, SAML and OIDC Develop and execute an IAM strategy that aligns with the organization's overall IT and security strategies. Identify opportunities for improving the SSO/Okta environment and implement enhancements. Work with various teams (e.g., IT, security, development) to understand requirements and implement effective IAM solutions. Create and enforce user access policies, MFA based on business requirements. Collaborate with stakeholders to define and maintain authentication standards. Conduct regular system audits to ensure performance and compliance with security standards. Knowledge of regulatory compliance standards and experience with audit support activities. Work with Cybersecurity and API teams to document best practices, authentication patterns and decision criteria for authentication and authorization. Stay current with emerging security threats, technologies, and industry trends to continuously improve the security posture. Assesses current applications and architecture to ensure current implementations align with industry guidelines, best practices and management approved standards. Evaluate and hands on implement automation capabilities to simplify processes and deliver value/cost savings to the business. Provide level 3 production support to help diagnose and troubleshoot complex production issues. Participate in incident response and security incident investigations related to IAM systems. Develop and deliver applicable documentation, training, and knowledge transfer to both internal and external stakeholders. Evaluate and hands on implement automation capabilities to simplify processes and deliver value/cost savings to the business. Foster the Agile DevOps culture through the latest toolset to improve customer satisfaction through rapid, continuous delivery. Qualifications Minimum Qualifications: 10+ years of overall IT experience 8+ years of hands-on experience in authentication architecture, Solutioning and design roles 8+years of hands-on experience with Okta and/or relevant access management tools 5+ years of scripting (power shell, Python) and development (Java, J2EE, JavaScript, React, Rest API) experience is a must. 3+ years working with Agile and DevOps tools and methodologies. Minimum Okta Certified Administrator: Okta Certified Consultant and/or Okta Certified Developer preferred. BS/BA degree or equivalent experience CISSP / CIAM Certification is a plus. Experience with CIC/Auth0 platform is a plus. Preferred Qualifications: Proven track record in implementing IAM solutions in a large, complex environment. Strong understanding of federated authentication, SSO, and SAML along with the ability to make recommendations, scope, and execute on opportunities for automation or improvement in identity system architecture. Extensive experience in solutioning, designing and implementing authentication services. Experience leading CIAM implementation projects from initiation to completion, including requirements gathering, solution design, implementation, testing, and deployment. Proven track record of understanding B2B and B2C customer needs and delivering solutions that enhance user experience while maintaining security and compliance standards. Thorough understanding of security best practices, privacy regulations (such as GDPR, CCPA), and compliance requirements related to customer data protection. Broader IAM domain experience with focus on information security Deep technical expertise in solutioning and integrating B2B, B2C applications with CIAM. Strong expertise in designing solutions with the standard IAM platforms like Okta, PingFederate in enabling single sign-on services for both cloud and on-prem applications. Hands-on experience in building SSO solutions with various protocols like SAML, OAuth, OIDC, and headers-based applications and platforms, preferably Azure AD, Ping, and SiteMinder Experience in designing Consumer identity and access management solutions Strong understanding of the latest security principles like zero trust and passwordless authentication to implement new standards in the authentication model. Must have working knowledge of Okta Lifecycle Management and Administrative APIs Experience with solutions like CyberArk, Beyond Trust, RSA or comparable products. Excellent understanding of REST integration concepts Experience in directory services like Oracle LDAP, and AD Experience working with cloud-based authentication solutions (e.g., AWS Cognito, Azure AD, Okta). Strong hands-on development experience - Java, Node js, React, Sprint boot, REST API and Java script. Hands on experience with JavaScript, Python, Ruby, PowerShell, or other scripting languages preferred. Experience building CICD pipelines in Azure or AWS Experience in automating application deployment building CICD pipelines using Ansible and terraform. Experience in Monitoring tools like Splunk, ELK, Prometheus, or similar tools Experience with container technologies Docker, Kubernetes Experience with Linux and Windows platforms, middleware, Apache, and load balancers Experience developing workflows, custom connectors, and troubleshooting complex issues. Experience with Agile and DevOps tools and methodologies Minimum Okta Certified Administrator: Okta Certified Consultant and/or Okta Certified Developer preferred. CISSP / CIAM Certification is a plus. Experience in Auth0 and SiteMinder is preferred. Non-Technical skills: Exceptional communication and interpersonal skills with the ability to influence and collaborate with diverse stakeholders. Deliver outcomes with a little supervision, must be a self-starter and self-motivator. Strong analytical, problem-solving, and decision-making skills, with the ability to manage complex and competing priorities. Strong project management and organizational skills, with the ability to deliver high-quality results. Ability to think strategically and suggest creative solutions. Ability to synthesize complex requirements into simple business practices. Flexible and able to adapt to changing priorities.