Senior Analyst

Job Description

WD Grade: 112                   Job Title: Senior Analyst            Location: Hyderabad / IND - Virtual

ROLE DESCRIPTION
Delivery of exceptional Technical Services. Responsible for analyzing, resolving, and maintaining different layers of IDAM applications, including but not limited to SSO/Authentication, Authorization, Identity Governance.

IDAM is a tightknit group, with many overlapping areas of responsibility.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

• Design and implement cutting-edge identity and access management (IAM) solutions.
• Develop and deploy access management and federation products, including but not limited to Microsoft Azure Entra ID, Ping Federate, Okta and B2C, or equivalent solutions.
• Demonstrate comprehensive knowledge of Single Sign-On (SSO), authentication, and authorization workflows. Develop custom Authentication Modules, Authentication Tree Nodes, Account Mappers, and Adapters based on customer requirements and use cases.
• Enhance user experience by designing and modifying UI elements (HTML, CSS, JavaScript), updating MFA requirements, modifying token claims, and configuring session settings.
• Facilitate the onboarding of new customers (inbound and outbound SSO), ensuring adherence to defined processes and timelines.
• Manage the complete lifecycle of Ping Identity solution deployments, including requirements analysis, solution design, architecture, configuration, customization (using Java/JavaScript), and testing (unit, system integration, performance, and UAT testing).
• Contribute to IAM security service delivery through monitoring, controlling, and supporting the execution of security services.
• Collaborate and liaise with internal teams and customer stakeholders throughout the SSO implementation lifecycle.
• Conduct technology assessments to support automation and migration initiatives.
• Partner with external client technical and business contacts to showcase Alight IAM capabilities and best practices while documenting proposed solutions.
• Working with External Client Technical and Business contacts to demonstrate Alight IAM capabilities and best practices while documenting the solution to be implemented.
• Create and maintain comprehensive support documentation and processes.
• Diagnose and resolve software application issues using established procedures and methodologies.
• Analyze complex problems and provide actionable resolution paths.
• Provide on-call technical support as required.
• Lead escalation handling for complex IAM-related issues, ensuring timely resolution and minimizing operational disruptions. Serve as the primary point of contact for escalated technical issues and coordinate cross-functional teams for rapid response.
• Act as a key liaison to provide stakeholders with timely escalation updates, ensuring transparency and alignment throughout the process. Perform root cause analyses for recurring issues or major incidents and propose actionable process improvements to prevent future occurrences. Address problem statements and deliver the required information within the specified deadline.
• Actively participate in Disaster Recovery Exercises (DRE) to ensure process documents are up-to-date and seamless execution of the exercise.
• Ability to create training materials and conduct workshops for end-users and internal teams on SSO workflows and best practices.

EDUCATION AND PROFESSIONAL CERTIFICATIONS:

• Bachelor's degree Graduation (Mandatory)
• At least 7 years job experience in the IT industry with minimum 3 year in IAM technology.
• Professional Certifications such as SC 900, SC 300, AZ 500, AZ 900, SSCP, etc. are a plus but not mandatory.

CANDIDATE PROFILE:

• Solid oral and written communication skills in English.
• Clear understanding of Team’s role in meeting Organizational objectives.
• Average Business knowledge.
• Ability to organize work and priorities to meet deadlines with limited supervision.
• Strong problem solving and analytical skills.
• Be proactive, dynamic, and flexible.
• Incumbents at this level should be familiar with all aspects of Information Technologies including Hardware, Operating Systems, Network protocols, Clustering, Load-balancing, High Availability, Cloud Computing, IAM, SSO, DB etc.

Position

Description
Describe in as much detail as possible any expectations of this position not described above that are unique to your area. Do not include client specific tasks.

COMPETENCIES:

• Cybersecurity Expertise: Demonstrated ability to assist across all aspects of Cybersecurity, including proactive risk identification and resolution.
• Advanced Cloud Computing Knowledge: In-depth understanding of cloud computing platforms and services, especially in relation to IAM and SSO solutions.
• Exceptional Presentation and Communication Skills: Strong presentation abilities and proficiency in office productivity tools such as MS365, Word, Excel, PowerPoint, with advanced knowledge of MS Project, Visual Source Code, Git, and Visio.
• Continuous Learning and Adaptability: Proven capability to quickly gain proficiency in new technologies and work autonomously toward strategic goals.

• Required Skills:
  • Strong understanding of Microsoft Entra ID (Azure AD) features, including Conditional Access, Multi-Factor Authentication (MFA), and Identity Protection.
  • Configure and manage Microsoft Entra ID environments, including user accounts, groups, roles, and policies.
  • Expertise in identity federation protocols such as SAML, OAuth, OpenID Connect, and WS-Federation.
  • Proficiency in Single Sign-On (SSO) configurations for diverse applications, including web, mobile, and enterprise systems.
  • Plan and implement Single Sign-On (SSO) solutions to enable seamless access across applications and resources.
  • Configure and maintain SCIM-based automatic provisioning for enterprise applications.
  • Oversee user provisioning, de-provisioning, and access reviews to ensure secure identity lifecycle management.
  • Experience in designing access control policies to ensure appropriate authorization levels.
  • Configure and support integrations with Enterprise applications, cloud services, and third-party identity providers using protocols like SAML, OAuth, and WS-FED.
  • Ensure compliance with organizational security policies and regulatory requirements related to identity and access management.
  • Diagnose and resolve authentication issues, login failures, and access permissions related to Entra ID, SSO and MFA.
  • Hands-on experience managing both an Identity Provider (IdP) and Service Provider (SP), along with external federation setups (e.g., IDP-initiated and SP-initiated SSO).
  • Competence in configuring user attribute mapping and claims transformation for effective data communication between IdPs and SPs.
  • Comprehensive knowledge of IdP Adapters, context-based authentication policies, and device, location, or network-based protocols.
  • Expertise in securing communications (e.g., SSL/TLS), token signing, and encryption for SAML assertions and OAuth tokens.
  • Integration proficiency with LDAP directories, Active Directory (AD), and other identity stores for authentication and user information retrieval.
  • Practical knowledge in identity synchronization across federated systems to maintain accurate user identities.
  • Configure and maintain HYPR Authenticate, ensuring smooth integration with enterprise systems.
  • Oversee FIDO-based authentication, eliminating passwords while enhancing security.
  • Work with HYPR APIs to enable secure authentication across applications.
  • Proficiency with XML, JSON, Java, JavaScript, ASP.net, and J2EE.
  • Expertise in migrating legacy identity and access management systems to modern SSO solutions while ensuring minimal disruption and seamless integration.
  • Knowledge of regulatory compliance standards like GDPR, HIPAA, and SOC2, as well as securing SSO systems against vulnerabilities and threats.
  • Ability to implement monitoring tools and dashboards for tracking SSO system performance, usage metrics, and error trends.
  • Maintain up-to-date documentation on Entra ID configurations, processes, and best practices.
  • Maintain technical documentation and provide guidance on passwordless authentication best practices.

• Supplemental Skill’s:
  • Familiarity with DevOps tools like GitHub and Continuous Integration/Deployment practices.
  • Proficiency in Python scripting and PowerShell, including workflows and troubleshooting in ISE or AWS CLI.
  • Advanced knowledge of API integrations, including GraphAPI, REST, and cloud-based interfaces.
  • Strong understanding of Disaster Recovery Exercises (DRE) protocols and escalation handling for SSO issues.
  • Familiarity with tools and scripting for automating IAM processes, such as onboarding, deprovisioning, and system updates.

We offer you a competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization.
 

DISCLAIMER:

Nothing in this job description restricts management's right to assign or reassign duties and responsibilities of this job to other entities; including but not limited to subsidiaries, partners, or purchasers of Alight business units.