Authentication Engineering Consultant


Location: New York, New York

Salary/Pay Range: $135 - $145

Job Description

An Authentication Engineer job is available with our client, an American multinational private equity, alternative asset management, and financial services firm based in New York City. This is a hybrid, contract role.


You will join the IAM Authentication team to engineer solutions with a strong focus on Azure AD and modern authentication protocols to build secure authentication across the enterprise.




  • Architect and engineer identity and access management solutions leveraging Azure AD and modern Authentication protocols and frameworks (OAuth 2.0, OIDC and SAML) to move the strategic roadmap forward.
  • Responsible for configuration, management, and support of all Azure AD functions with emphasis on security, reliability and operational excellence.
  • Configure, integrate and secure applications in Azure AD with Application registrations and fine-tuning Conditional Access policies.
  • Configure and manage Azure AD Connect for AD > AAD Sync with regular upgrades to the Azure AD Connect software.
  • Provide escalation support for Azure AD related L2 issues, efficiently troubleshoot/prioritize Azure AD issues and maintain the culture of root cause analysis for incident management.
  • Contribute to Azure AD documentation and workflows.
  • Automate and develop Azure AD capabilities with Microsoft Graph API.
  • Define security guidelines/standards for modern authentication and authorization security frameworks.
  • Partner with teams to assist in defining the modern authentication strategy and roadmap.
  • Support multi-factor authentication and manage factor enrollment flows to secure modern application architectures.
  • Research, design, and advocate new AuthN technologies, standards, or methodologies that will strengthen our security posture, reduce our risk exposure and improve our overall user experience.
  • Review and update authentication and authorization policies, standards and procedures to raise the maturity of the Authentication program.
  • Actively participate in development and program efforts related to Identity and Access Management through hands-on collaboration and engagement.




  • In-depth knowledge of Azure Hybrid Identity, authentication methods (federation, passthrough auth, password hash sync).
  • In-depth knowledge of Azure Application management, Azure AD Authentication and Authorization basics, App types, Authentication flows.
  • Understanding of Azure AD device identity, device trust with Hybrid Azure AD join and how Primary Refresh Tokens work.
  • Understanding of Identity governance and Identity protection - identity and access lifecycle, configuring risk policies.
  • Understanding of Azure Role Based access patterns - management groups, subscriptions, resource groups.
  • Understanding of Azure Reporting and monitoring - analyzing Audit, Sign-in, Azure Monitor logs.
  • Fundamental understanding of Active Directory Domain Services (ADDS), Windows Server 2016/2019 Domain Controllers and related services (DNS, DHCP, Group Policy).
  • Fundamental understanding of legacy (Kerberos, LDAPs) and modern Authentication protocols and frameworks (SAML, OAuth 2.0, OIDC).
  • Strong understanding of SAML, OAuth/OIDC and other authentication methods.
  • Strong understanding and practical experience with one or more cloud multifactor technologies.
  • In-depth knowledge of JWT, understanding scope definitions and claims, differences between identity and access token.


Nice to have:

  • Experience in deploying Infrastructure-as-code using Terraform, DevOps and CI/CD best practices.
  • Intermediate knowledge of AWS Managed Microsoft AD.
  • Knowledge of Okta Identity Engine, Passwordless solutions like Okta FastPass.
