DevOps Security Engineer Customer IAM
Your role
We're looking for a hands-on Security DevOps Engineer to support our Customer Identity & Access Management platform, helping us securely deliver and scale authentication services for internet-facing applications that serve millions of users. This role sits at the intersection of DevOps, platform security and CIAM, focused on automating secure deployments and protecting public-facing APIs and services.
- Partner with Senior SMEs inside and outside the CIAM Team to successfully execute and deliver the vision and priorities of your POD.
- Contribute to the CIAM technical vision and strategy, and support the development of architecture and engineering capabilities within the team.
- Act as an individual contributor for the delivery of your POD, ensuring that services are implemented, delivered and operated at the required quality standards.
Your team
You'll be working in the Customer Identity & Access Management Team, which is part of Identity & Access Management. This role is specifically aligned with our External Authentication products, which provide solutions for clients globally. Our team consists of highly skilled technical experts across the globe. Your team has an amazing opportunity to make a significant positive impact on the company, our clients and our stakeholders.
Your expertise
- CIAM Deployment & Operations
  - Build and operate highly available CIAM infrastructure and applications using IaC.
  - Automate the deployment and configuration of identity services (e.g. Transmit Security, Azure AD B2C, Auth0, ForgeRock, etc.).
  - Integrate reverse proxies, WAFs (e.g. F5, Azure Front Door) and API gateways for internet-facing identity endpoints.
  - Deploy and manage secure CIAM workloads in Azure (App Services, Kubernetes, Azure Functions, Key Vault, App Gateway).
- Security Engineering & Hardening
  - Implement and enforce secure defaults for CIAM components (e.g. rate limiting, MFA enforcement, token protection).
  - Automate secrets management and certificate rotation for CIAM services and dependencies.
  - Integrate identity protection signals (risk-based access, fraud detection) with application workflows.
  - Monitor infrastructure using native and bespoke tools, and build custom dashboards for Engineering and Operations duties.
- DevOps & CI/CD
  - Harden CI/CD pipelines for CIAM service delivery, including shift-left security scanning.
  - Create reusable deployment patterns and modules for secure multi-region or multi-tenant CIAM deployments.
  - Support developers in securely integrating with OAuth2, OIDC, SAML and federation patterns.
- Collaboration & Incident Support
  - Participate in security reviews for new customer-facing features or identity integrations.
  - Act as an SME in CIAM-related incident response and postmortem analysis.
  - Collaborate with product, development and compliance teams to align on secure identity practices.
Required Qualifications
- 8 years in DevOps, Cloud Engineering or Platform Security roles, ideally with CIAM experience.
- Hands-on experience with public cloud deployments (Azure preferred) and CI/CD automation.
- Deep understanding of internet-facing app security: TLS, WAFs, reverse proxies, JWT/OAuth token handling.
- Strong experience with infrastructure as code and scripting (Python, PowerShell, Bash).
- Familiarity with modern identity standards (OAuth2, OIDC, SAML) and threat models.
- Experience managing authentication and authorization services at scale for external users.
Preferred Qualifications
- Experience with CIAM platforms like Transmit, ForgeRock, Auth0, Ping or Azure AD B2C.
- Understanding of Zero Trust architectures.
- Familiarity with DDoS mitigation and secure web gateway integration.
- Exposure to cloud-native observability stacks and runtime security.
- Azure and IT security certifications.