Citi's Chief Information Security Office - Identity and Access Management (IAM) Authentication Services team is looking for an experienced Single Sign-On (SSO) and Directory Services Engineer to join their team in Pune.
As a senior engineer, you will be responsible for the build and integration of multi-regional SSO and Directory services, driving infrastructure migration, performing platform maintenance, and coordinating tech refresh projects. You will be reporting to the Global lead and be part of a global team of Authentication Services engineers.
The ideal candidate will have a strong background in SSO and Directory Server technologies, excellent problem-solving skills, and experience with migration and deployment projects. Candidate should be a self-starter and should be able to work in a well-defined team structure as well as independently with minimal supervision. Candidate should have a good command of English and possess strong oral and written business communication skills. Candidate should be a fast-learner and should be able to work well under pressure and competing priorities.
Responsibilities:
Build and deploy solutions to provide User authentication, SSO, federation, Role-Based and Attribute-Based Access Control.
Manage infrastructure migration projects, including planning, execution, and testing.
Coordinate tech refresh projects, including planning, execution, and testing.
Identify and resolve issues, engaging in Root Cause Analysis (RCA)
Collaborate with cross-functional teams to ensure seamless build and integration.
Develop and maintain documentation of infrastructure and processes under your responsibility.
Function as an Infrastructure Subject Matter Expert (SME) for the security infrastructure under your responsibility
Coordinate with Operations teams to perform post-deployment testing of solutions in individual environments.
Engage with strategic vendors, external to the organization, to investigate problems and understand product functionality, influence enhancements and roadmap as required to meet organizational goals.
Lead initiatives to develop/enhance tools for improving system monitoring and simplifying platform maintenance.
Risk and Compliance – Partner closely with other infrastructure teams to build systemic process that help maintain Citi's system desired state and enforce compliance.
Document resolutions in Knowledge base tools.
?
Scheduled weekend support on a rotation-basis and occasional extended-hour shifts expected.
Mandatory Skills:
10+ years of experience implementing, operating, and maintaining Access Management solutions supporting Single Sign-On (SSO).
Experience in authentication and authorization standards such as SAML, WS-Fed, OAuth, OpenID/OpenID Connect, One-time passcodes, PKI, Derived credentials, FIDO, PBAC, RBAC.
5+ years working in a Linux-based environment (RHEL, Ubuntu) that includes being conversant in terminal commands, developing shell scripts and setting up schedulers (Cron, Autosys)
Experience in managing projects, leading operational process change and improvement and delivering infrastructure technologies products and services.
Experience in financial services or large complex and/or global environment preferred.
Consistently demonstrate clear and concise written and verbal communication with ability to communicate technical concepts to a non-technical audience.
Proven analytical, diagnostic, and multitasking skills with focus on execution and attention to detail.
Demonstrated ability to both work independently and partner with virtual teams in a high-pressure matrix environment.
Demonstrated ability to take ownership of various parts of a project/initiative with tight deadlines or unexpected changes in expectation/ requirements.
Desired Skills:
Understanding of Zero Trust & Secure Access Service Edge (SASE) technologies.
Experience in containerization technologies such as Docker and container orchestration with Kubernetes
Experience with one or more of Enterprise application servers such as IBM WebSphere/WebLogic, Apache Tomcat/HTTP Server
Familiarity with one or more directory services (e.g., Oracle LDAP, AD LDAP, Novell)
Experience with production network infrastructure such as Firewalls, DNS, Software/Hardware Load balancers, Proxies
Experience in Analytical/Monitoring tools such as Grafana, Sensu, Splunk, App Dynamics etc.
Experience with IT service management frameworks (e.g., ITIL)
Education:
Bachelor's degree/University degree or equivalent experience
------------------------------------------------------
Job Family Group:
Technology------------------------------------------------------
Job Family:
Information Security------------------------------------------------------
Time Type:
Full time------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity reviewAccessibility at Citi.
View the "EEO is the Law" poster. View theEEO is the Law Supplement.
View theEEO Policy Statement.
View thePay Transparency Posting