Authentication and Identity Management (AIM)

Role: Authentication and Identity Management (AIM)

Client: Morgan Stanley

Location: Boston, MA

Duration: Long-term Contract

Requisition ID: MOR2JP00013344

About Team

The Authentication and Identity Management (AIM) Fleet provides authentication and identity solution to the Firm. The product portfolio includes home-grown software as well as 3rd party vendors and open-source solutions such as MIT Kerberos, Nokia Radius, RSA SecurID, Duo, OpenSSH, and PingFederate. These products act as the authentication backbone for both user to system and system to system authentication for the Firm and support both the workforce and client user base.

Job Description

The Web Authentication agile squad is responsible for providing federated identity and single-sign-on (SSO) solutions. These solutions range from standard web-based flows to complex solutions enabling access between users, corporate applications, and cloud providers. The successful candidate will help to architect and implement these solutions in collaboration with technical teams in Technology and Business groups. The primary focus of the engineer will be assisting to deliver solutions centered around consolidating the numerous on-premise and cloud based web authentication systems into the Firms target state authentication platform.

Primary Responsibilities will include:

Collaborate with Product Owners, Technology System Owners, and Integration teams to understand SSO requirements, architect and develop solutions, and create supporting documentation

Coordinate with Identity Management and Access Management partners to align dependencies and changes

Serve as a subject matter expert for SAML, OpenID Connect, and OAuth2 technologies

Providing strategic guidance to engineering teams on industry best practices and trends for SSO

Participate in troubleshooting with vendors and clients

Provide support for infrastructure by responding to escalations from the production management operation team

Required Experience:

5 years’ experience with federation tools, with a preference for Azure AD or the Ping Identity suite of federation tools. The position is within an agile team implementing DevOps principles.

Primary Skills

5 years of large scale infrastructure Java development in a Unix/Linux environment

5 years’ experience with Web Authentication concepts of SAML, OIDC, and OAuth2

2 years’ experience with cloud services configuration and integration

Experience with at least one of the scripting languages like Python or Perl

Good understanding of core network and security concepts, specifically Identity and Access management concepts including authentication, authorization, and accounting (AAA)

Good analytical and data modelling skills

Effective communication skills with business and technology users

Proven experience with test driven development

Familiarity with GIT version control system

Working experience with agile development

Skills Desired

Experience with Micro Services and Performance optimization

Experience with software delivery processes within a security landscape

Experience with automation and continuous integration

Experience operating in a large, global, compartmentalized enterprise environment

Basic understanding of software deployment processes