Cloud Identity and Security Engineer (Microsoft Entra ID / CIAM)

Description

Job Summary: We are seeking a senior Identity Engineer with CIAM experience to lead the design and implementation of external identity solutions, ensuring modern and secure authentication. Key Highlights: 1. Lead the design and implementation of external identity solutions (CIAM). 2. Integrate Microsoft Entra External ID (B2C) into web and mobile applications. 3. Provide expert technical advisory on secure identity integration. We seek a senior Identity Engineer with proven extensive experience to lead the design and implementation of external identity solutions (CIAM). The primary objective is to integrate Microsoft Entra External ID (B2C) into web and mobile applications, ensuring modern, secure, and scalable authentication flows. Technical Requirements (Mandatory) * Experience (6\+ years): In identity engineering, application security, or enterprise application integration. * CIAM Specialist: Hands-on experience implementing Microsoft Entra External ID for Customers (B2C), including custom registration and sign-in flows. * Authentication Protocols: Deep expertise in OAuth 2\.0, OpenID Connect (OIDC), SAML, token handling, claims, and consent patterns. * Development and Integration: Ability to integrate identities into applications via APIs, claim mapping, and session management. * Security: Configuration of Conditional Access, MFA, and abuse prevention and privacy (PII) strategies. * External Providers: Configuration of federation with social identities (Google, Facebook, etc.) and enterprise identities. * Troubleshooting: Advanced diagnosis of authentication errors (invalid\_client, redirect URI issues, token/nonce errors). **Key Responsibilities** Provide expert technical advisory to development teams on secure identity integration. Design identity architecture for customer-facing applications (web/mobile). Resolve complex federation and token issues impacting production. Create architecture guidelines, integration patterns, and troubleshooting runbooks. Collaborate with strategic partners to ensure long-term sustainable solutions. Desired Certifications Microsoft security or identity certifications (e.g., SC\-300) are a plus. **Key Skills** * Analytical thinking and problem-solving. * Clear communication with both technical and executive stakeholders. * Strong ability to produce structured documentation. * Planning and prioritization. * Service orientation, operational continuity, and continuous improvement. Employment Type: Full-time, Indefinite term Salary: Starting at $40,000\.00 per month Benefits: * Flexible working hours * Option for indefinite-term contract * Major medical expense insurance * Life insurance Application Question(s): * Are you available to work hybrid within CDMX/State of Mexico? * Please specify 2–3 date/time ranges over the next 2 business days when you could attend a technical interview (virtual via Teams). Work Location: Hybrid remote in Ciudad Satélite, Méx.