Identity Infrastructure Engineer - Contractor

About the Role

We are seeking an experienced Identity Infrastructure Engineer to drive our cloud application Identity Provider (IdP) migration initiative. This role will be responsible for migrating authentication and authorization solutions from legacy identity providers to modern identity solutions, ultimately enabling the full deprecation of virtualized application streaming services.

In this role, you will work with a cross-functional team to design and implement secure identity solutions while ensuring seamless transitions for users and applications. The ideal candidate has extensive experience with cloud identity services, directory services, and modern authentication systems.

Key Responsibilities

Technical Leadership & Architecture

• Contribute to the migration paths between identity providers and directory services
• Architect solutions addressing immediate authentication requirements
• Develop comprehensive identity architecture for sunsetting legacy systems
• Ensure all solutions comply with enterprise security standards
• Troubleshoot complex identity and access management issues

System Integration & Implementation

• Execute migration plans across multiple applications and systems
• Integrate with various cloud services and identity providers
• Build and maintain infrastructure as code (IaC) for identity solutions Develop automated identity workflows and migration processes

Discovery & Documentation

• Document existing identity components, directory integrations, and application dependencies
• Analyze and resolve authentication path issues
• Assess identity architecture security posture and recommend improvements

Project Management & Collaboration

• Work directly with application owners to understand and address specific authentication needs
• Coordinate with security teams to ensure compliance with security requirements
• Communicate effectively about migration status, timelines, and risk mitigation Provide regular status updates and documentation of completed work

Qualifications

Required Skills & Experience

• 5+ years of hands-on experience with AWS services
• 3+ years of experience implementing and managing identity federation solutions
• Deep knowledge of identity protocols (SAML, OAuth, OIDC, etc.)
• Strong experience with Okta, Active Directory, and LDAP
• Practical experience migrating between identity providers
• Experience with Control Tower and cross-account IAM permissions.
• Proficiency in infrastructure as code tools (CloudFormation, Terraform)
• Strong scripting skills (Python, Bash, PowerShell)
• Experience with CI/CD pipelines and DevSecOps practices

Nice to Have

• Familiarity with AWS Well-Architected principles.
• Previous experience with enterprise-scale identity migrations
• Experience with AWS AppStream or similar virtualization/streaming technologies
• Experience with legacy application authentication refactoring
• AWS Certifications:
  • Solutions Architect
  • Security Specialty
  • SysOps Administrator