Senior Engineer - Cybersecurity

About the role

We are looking for a Senior Engineer specializing in Cybersecurity to lead the design, implementation and operation of our Customer and Workforce Identity and Access Management (CIAM/IAM) solutions. The role will focus on integrating and orchestrating authentication flows across enterprise and custom applications.

Key responsibilities

• Own end‑to‑end CIAM and workforce IAM integrations for enterprise and custom applications, with deep focus on Ping Identity (PingFederate, PingOne), Okta, and DaVinci orchestration workflows.
• Design, implement, and maintain authentication flows using SAML, OIDC/OAuth 2.0, and API‑based integrations, handling tokens, claims mapping, scopes and attribute transformation.
• Build and operate DaVinci identity workflows to orchestrate registration, step‑up MFA, risk signals, identity verification and downstream integrations.
• Lead onboarding and migration of applications into Azure Entra ID, ensuring compliance with enterprise IAM standards and Conditional Access policies.
• Engineer and enforce MFA and adaptive authentication policies across CIAM and workforce platforms.
• Partner with application owners and product teams to standardize authentication architectures and eliminate bespoke implementations.
• Integrate CIAM platforms with lifecycle and governance systems such as SailPoint and HR‑driven sources.
• Design and support non‑human identity use cases including service accounts, API clients, secrets, certificates and token‑based access.
• Develop automation, telemetry and reporting for IAM/CIAM operations to improve visibility and support compliance (SOX, SOC2, GDPR).
• Serve as senior technical escalation point for complex IAM/CIAM incidents and contribute to governance standards.

Required profile

• Several years of experience designing and operating IAM/CIAM solutions.
• Strong knowledge of authentication protocols such as SAML and OIDC/OAuth 2.0.
• Experience with Ping Identity, Okta, Azure Entra ID and DaVinci workflow orchestration.
• Proven ability to implement MFA, adaptive authentication and Conditional Access policies.
• Familiarity with identity governance tools like SailPoint and compliance frameworks (SOX, SOC2, GDPR).

Required skills

• Ping Identity (PingFederate, PingOne)
• Okta
• DaVinci orchestration
• Azure Entra ID
• SAML
• OIDC/OAuth 2.0
• API integration and token handling
• MFA and adaptive authentication
• Conditional Access policies
• SailPoint identity governance
• Scripting/automation for telemetry and reporting