Job Description
We are seeking a highly skilled Microsoft Entra B2C (Customer Identity and Access Management - CIAM) Engineer to design, build, and operate secure, scalable identity solutions for external users. This role focuses on delivering modern authentication, registration, and user management capabilities for customer-facing applications using Microsoft Entra External ID.
The ideal candidate will have a deep understanding of identity and access management principles, technologies, and best practices. This role involves implementing and managing IAM solutions to ensure the security and efficiency of our IT infrastructure.
Key Responsibilities:
CIAM Architecture & Engineering: Design and implement CIAM solutions using Microsoft Entra B2C. Build and maintain custom policies (IEF). Define identity architecture for onboarding, authentication, and federation.
Authentication & Identity Federation: Configure OpenID Connect, OAuth 2.0, and SAML. Integrate social and enterprise identity providers. Design secure token issuance and validation strategies.
User Journeys & Experience: Develop self-service registration, invite onboarding, password reset, and MFA flows. Customize UI/UX, branding, and localization. Implement progressive profiling.
Application & API Integration: Integrate B2C with web, mobile, and APIs. Implement claims transformation and token customization. Collaborate with dev teams on token usage.
Identity Lifecycle Management: Manage external identities, custom attributes, and schema. Implement provisioning, synchronization, and lifecycle processes.
Security & Risk Management: Implement MFA, session controls, and Zero Trust patterns. Protect against account takeover and fraud scenarios.
Operations & Support: Monitor platform performance, troubleshoot issues, provide Tier 3 support, and maintain documentation.
Required Qualifications: Experience with CIAM and Microsoft Entra B2C. Strong knowledge of OIDC, OAuth, and SAML. Experience with custom policies (IEF), APIs, and token-based authentication.
Preferred Qualifications: Experience with identity sync, API-driven architectures, and Zero Trust. Certifications such as SC-300 preferred.
Core Competencies: Strong troubleshooting skills, ability to translate business requirements, and excellent collaboration capabilities.
Role Impact: Delivers secure customer identity experiences, protects external applications, and enables scalable digital identity platforms.
In addition, you will:
- Collaborate with stakeholders to understand business requirements and translate them into IAM solution designs using SailPoint Identity Security Cloud (formerly IdentityNow).
- Manage and maintain IAM platforms, ensuring their stability, security, and performance.
- Enforce IAM policies, procedures, and standards.
- Develop and maintain detailed documentation for IAM processes and systems.
- Conduct thorough testing of the IAM solution to ensure its reliability, functionality, and performance.
- Stay updated on the latest IAM technologies, trends, and best practices to continuously improve the organization's IAM capabilities.
What you will need to have:
- Bachelor's degree in Computer Science, Information Systems, or a related field (or equivalent experience).
- Over 7 years of direct IAM-related experience.
- Proven experience as an IAM Engineer, specifically implementing Microsoft B2C in medium to large organizations.
- Strong knowledge of identity and access management concepts, principles, and technologies.
- Hands-on experience with IAM solution design, implementation, and integration.
- Familiarity with authentication protocols (e.g., SAML, OAuth, OpenID Connect) and directory services (e.g., LDAP, Active Directory).
- Strong analytical and problem-solving skills, with the ability to assess complex environments and identify areas for improvement.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and stakeholders.
Good to have:
- Proficient in programming/scripting languages (e.g., Java, PowerShell, Python) for customization and automation.
- Relevant certifications such as Certified Identity Management Professional (CIMP) are highly desirable.