This hands-on engineering role will help drive adoption of single sign on throughout the enterprise. You will work closely with internal applications to provide specifications for modern authentication protocols and help them leverage them. This role will meet with internal stakeholders to evangelize and promote the use of these centrally managed Identity services, promote best practices and advanced security controls with application owners and server support resources.
The team provides the company with Single Sign On and MFA as well as certificates for both external applications and internal authentications. This involves migrating applications from our legacy environments to our new Microsoft SSO, implementing conditional access with Intune, and securing communications.
Contributing to the success and delivery of the Single Sign On Program. Provide senior level engineering and design support. Help deliver a comprehensive Multi-factor authentication program utilizing conditional access to deliver a better user experience that reduces user authentications, increases security assurance, and lowers risk. Support critical services like VPN, PAM as the front door protection that provides authentication and authorization. Ongoing maintenance of the platform, server support, and troubleshooting. Design & Engineering of the solution. Troubleshoot SSO/MFA Issues from both a client and application perspective., create technical transition and integration plans and execute them.
Good to have but not required:
- Bachelor’s degree in Technology (Computer Science, Computer Engineering etc.) or related experience
- At least 3 years of experience in Security or Identity & Access Management.
- Willingness to learn Microsoft Azure Single Sign On / MFA at a deep technical level.
- Good Project Management, inter-personal & communications skills and the ability to adapt to change, move fast, take charge, and work with ambiguity. Positive and enthusiastic attitude
- Good understanding of Security Architecture and Application Design and Integration
- Experience supporting a service, creating run books, & 24/7 uptime and support.
- Scripting Experience in PowerShell or a similar language.
- Knowledge of firewalls, Load Balancers, and port/protocols involved with connectivity
- Ability to troubleshoot issues and interact with end user administrators and explain PKI
- Can work independently with less supervision
- Microsoft SSO Conditional Access, Risk Scoring, or similar Single Sign On experience
- AWS/Azure Cloud authentication experience
- Windows Hello for Business Facial Recognition and workstation authentication experience
- Yubikey hardware token, or Fingerprint recognition implementation experience
- Experience building out a new Security or Identity Service
- Microsoft Active Directory Experience, especially with Windows 2016.
- Multiple Security Certifications (CISM, CISSP, CISA, CISM, CRISC, ITIL, PMP)
- PKI Experience related to Workstations or applications
As a global business, Refinitiv relies on diversity of culture and thought to deliver on our goals. Therefore we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Refinitiv is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.
Intrigued by a challenge as large and fascinating as the world itself? Come join us.
St. Louis-Missouri-United States of America