IAM Consultant

Birlasoft, a global leader at the forefront of Cloud, AI, and Digital technologies, seamlessly blends domain expertise with enterprise solutions. The company’s consultative and design-thinking approach empowers societies worldwide, enhancing the efficiency and productivity of businesses. As part of the multibillion-dollar diversified CKA Birla Group, Birlasoft with its 12,000+ professionals, is committed to continuing the Group’s 170-year heritage of building sustainable communities.

We are hiring an IAM SME to lead a secure SSO implementation of Entra External  duties include migrating from Azure AD B2C to Microsoft Entra External , establishing federation with external client portals (SAML/OIDC), providing reference SSO integration, and ensuring strong security, documentation, and knowledge transfer.

• Organize discovery workshops to assess existing authentication methods, workflows, and types of external users.
• Evaluate Azure tenant readiness, licensing, security and compliance requirements, and establish a project plan with milestones and RACI assignments.
• Identify prerequisites such as network configuration, required ports, and environment setup strategy, collaborating with application teams to address dependencies.
• Develop an authentication architecture for external users with Entra External .
• Define user registration and login processes, IdP federation strategies (SAML/OIDC), and tailor branding and UX for user journeys.
• Design Conditional Access and MFA policies, including bypass options for partner-initiated flows when necessary (in partnership with app teams).
• Create architecture diagrams and high/low-level design documents.
• Prepare the development environment, configure the Entra External t, and register required applications.
• Set up federation and integration patterns for external client portals.
• Apply session and token management best practices to ensure smooth portal navigation and proper sign-out behavior.
• Establish a migration strategy and tools using Microsoft Graph APIs
  , along with scripts and infrastructure.
• Plan and conduct pilot migration, then advance to full-scale migration readiness.
• Maintain attribute mapping and ensure identity data integrity during migration.
• Lead UAT validation, manage issue triage and remediation tracking, and refine policies and UX from feedback.
• Verify conditional access/MFA enforcement versus bypass scenarios, and test end-to-end SSO functionality.
• Create comprehensive documentation covering configuration, federation, migration steps, and operational runbooks.
• Host working sessions and transfer knowledge to enable internal teams to manage additional client SSO integrations independently.
• The Entra External t was configured with necessary app registrations and policies.
• The pilot migration was completed and user authentication flows were verified.
• A functional reference SSO integration is in place for at least one client portal, supporting both web and mobile flows.
• High/low-level design documents, architecture diagrams, UAT reports, issue logs, and KT documentation are delivered.

• 10+ years in Identity & Access Management with hands-on SSO and federation implementations.
• Strong expertise in:
• Microsoft Entra External
• Application registrations, redirect URIs, certificates/secrets, custom domains concepts
• Experience with Azure AD B2C and migration patterns to Entra External .
• Working knowledge of Microsoft Graph API for user migration and identity operations.
• Practical experience designing and implementing Conditional Access + MFA strategies.
• Strong documentation and stakeholder management skills; ability to run workshops and KT sessions.
  Nice-to-Have
• Familiarity with Identity Governance/RBAC best practices for least privilege access.
• Experience hands on experience migrations at large scale.

• Microsoft Certified:
  Identity and Access Administrator Associate
• Microsoft Certified:
  Cybersecurity Architect Expert

• Strong analytical, problem-solving, and troubleshooting skills.
• Excellent communication and stakeholder management abilities.
• Ability to work independently and collaboratively in a fast-paced environment.