As a senior engineer, you will be responsible for the build and integration of multi-regional SSO and Directory services, driving infrastructure migration, performing platform maintenance, and coordinating tech refresh projects. You will be reporting to the Global lead and be part of a global team of Authentication Services engineers.
Responsibilities:- Build and deploy solutions to provide User authentication, SSO, federation, Role-Based and Attribute-Based Access Control.
- Manage infrastructure migration projects, including planning, execution, and testing.
- Coordinate tech refresh projects, including planning, execution, and testing.
- Identify and resolve issues, engaging in Root Cause Analysis (RCA)
- Collaborate with cross-functional teams to ensure seamless build and integration.
- Develop and maintain documentation of infrastructure and processes under your responsibility.
- Function as an Infrastructure Subject Matter Expert (SME) for the security infrastructure under your responsibility
- Coordinate with Operations teams to perform post-deployment testing of solutions in individual environments.
- Engage with strategic vendors, external to the organization, to investigate problems and understand product functionality, influence enhancements and roadmap as required to meet organizational goals.
- Lead initiatives to develop/enhance tools for improving system monitoring and simplifying platform maintenance.
- Risk and Compliance – Partner closely with other infrastructure teams to build systemic process that help maintain Citi’s system desired state and enforce compliance.
- Document resolutions in Knowledge base tools.
Mandatory Skills:- 10+ years of experience implementing, operating, and maintaining Access Management solutions supporting Single Sign-On (SSO).
- Experience in authentication and authorization standards such as SAML, WS-Fed, OAuth, OpenID/OpenID Connect, One-time passcodes, PKI, Derived credentials, FIDO, PBAC, RBAC.
- 5+ years working in a Linux-based environment (RHEL, Ubuntu) that includes being conversant in terminal commands, developing shell scripts and setting up schedulers (Cron, Autosys)
- Experience in managing projects, leading operational process change and improvement and delivering infrastructure technologies products and services.
- Experience in financial services or large complex and/or global environment preferred.
- Consistently demonstrate clear and concise written and verbal communication with ability to communicate technical concepts to a non-technical audience.
- Proven analytical, diagnostic, and multitasking skills with focus on execution and attention to detail.
- Demonstrated ability to both work independently and partner with virtual teams in a high-pressure matrix environment.
- Demonstrated ability to take ownership of various parts of a project/initiative with tight deadlines or unexpected changes in expectation/ requirements.
Desired Skills:- Understanding of Zero Trust & Secure Access Service Edge (SASE) technologies.
- Experience in containerization technologies such as Docker and container orchestration with Kubernetes
- Experience with one or more of Enterprise application servers such as IBM WebSphere/WebLogic, Apache Tomcat/HTTP Server
- Familiarity with one or more directory services (e.g., Oracle LDAP, AD LDAP, Novell)
- Experience with production network infrastructure such as Firewalls, DNS, Software/Hardware Load balancers, Proxies
- Experience in Analytical/Monitoring tools such as Grafana, Sensu, Splunk, App Dynamics etc.
- Experience with IT service management frameworks (e.g., ITIL)
Education:- Bachelor’s degree/University degree or equivalent experience
Time Type:
Full timeView the " " poster. View the .
View the .
View the