K&K Talent Solutions inc is an International recruiting agency that has been providing technical resources in the European, Canada and the USA region since 1993.
This position is with one of our clients in USA , who is actively hiring candidates to expand their teams.
Security Engineer
Seattle WA (Remote)
Job Description:
Project Summary:
Provide single source-of-truth for online identity for members and non-member web accounts using Azure Active Directory Business to Customer as Identity Access Management solution, capable of supporting millions of usersand billions of authentications per day.
Improved and consistent sign-up and sign-in experience across web properties that provides an improved member experience.
SSO to be seamless and not to change much of the current user experience
Incrementally populate the user credentials sourced from eCommerce system to a modernized, cloud-based identityplatform designed for B2Cfunctions.
MigrateCostco user identities from WebSphere CommerceDB to Azure AD B2C on first sign-in
Role/Contribution:
Planningand designing AAD B2C architecture that can cater60 million Users
Planningand designing AzureApp services, Resourcegroups, ARM templates, Blob Storage
Configuring Azure Active Directory B2C tenant and proxy applications for implementing custom policies of
Identity Experience Framework
Grantingnecessary permission for Microsoft Graph in ProxyIdentityExperienceFramework and IdentityExperienceFramework applications, to perform read write operationto the AD tenant via user impersonation
Developedcustom policies for Identity Experience Framework (IEF), base (TrustFrameworkBase.xml), extension (TrustFrameworkExtensions.xml), Relying party (SignUpOrSignin.xml, ProfileEdit.xml, PasswordReset.xml) files for Local Accountsas identity providers
Built custom User Journeys, Orchestration steps, technical profiles, adding them as output claims in Self Asserted Technical profiles, Content Definitions, Display Controls
claims transformation to custom claims,JSON transformations, case change, conditional value
CustomUI to match the company brandingand design guidelines, and hosting them in Azure Blob storagefor access via Azure CDN (Akamai)
REACT based DOM manipulations
UX customizations using custom claim types, Regex input validation, Validation Technical profiles, Passwordcomplexity for seamless experience with branding for web and mobile experience
DisplayControls for sending verification code, email verification, custom email and dependent One-timepassword (OTP) generation, along with verify code
Custom Rest API’s to integratewith custom servicesfor interacting with LOB applications and InfoBip Emailservice
Securingrestful services with Client Certificate authentication and Basic authentication, RSA encryption and decryption
Writingall trace info to application insights, from IEF & Azure App Service
Defined custom attributesfor storing custom defined information as custom claim, attaching to B2C customextensions app, claim resolversto transfer data via query stringsto IEF and rest api
JWT validation with publickeys, expiration date and nonce
MicrosoftGraph endpoints for Get user, create user with identities, update user, delete user, register/update extension properties
Seedingtool for pre-populating 60+ Million users from DB2 to Azure AD B2C using MASL Python libraries
PerformedData Mining and analysis activitieswith the Costco user base using Pandas for Python, for determining active/inactive users, categorize based on business models,regions etc.