050246-Single Sign-On Engineer

About Capgemini

A global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation to address the entire breadth of clients’ opportunities in the evolving world of cloud, digital and platforms. Building on its strong 50-year heritage and deep industry-specific expertise, Capgemini enables organizations to realize their business ambitions through an array of services from strategy to operations. Capgemini is driven by the conviction that the business value of technology comes from and through people. It is a multicultural company of over 200,000 team members in more than 40 countries. The Group reported 2018 global revenues of EUR 13.2 billion.


About Infrastructure Services :

The Cloud Infrastructure Services Global Business Line is Capgemini’s consulting and infrastructure build-and-run provisioning offering, and supports the group’s cloud-based services. As part of the integrated cloud offering from Capgemini, Cloud Infrastructure Services delivers a broad range of cloud services to build and support the hybrid cloud estate by encompassing the leading public cloud players and leading private cloud technologies. With EUR 1.5 billion annual revenue, Cloud Infra Services helps clients virtualize and optimize their IT estates through infrastructure outsourcing services such as data center, helpdesk, network support, and service integration and service maintenance support.  Our other services also include infrastructure transformation services-helping clients consolidate and migrate entire workloads and data centers. 


The Identity Access Management
(IAM) SSO Engineer is responsible for the Support, migrate, onboard new
application integration, automation and improvement of access management
solutions including, but not limited to, Single Sign On & Federation, Directory
Services, Multifactor Authentication, and Web Access Management.



  • Manage & deliver a large-scale
    mission critical enterprise IAM (OKAT, LDAP) platform
  • Work in an Onshore-Offshore model to
    deliver a 24X7 coverage support
  • Implementing, integrating and
    supporting Okta’s cloud technologies into client’s IAM environment.
  • Develop and maintain an access
    management integration process detailing a technical integration template and
  • Troubleshoot and resolve issues
    efficiently during migration, onboarding and BAU activities.
  • Support technical integration needs
    (design and development) that facilitate connectivity between SSO, directory,
    and provisioning tools
  • Work with the Access Management
    Solutions Lead to validate integration needs with proposed technical solution
  • Successfully transition support and
    knowledge of new application integrations and environment upgrades to SSO
    operations team
  • Uses a comprehensive understanding of
    multiple IAM, operational and security technologies, to lead the analysis,
    design and deployment of IAM architecture and other security projects to
    proactively identify and mitigate organizational risk, streamline access
    management activities, ensure resources are secured, and adapt to changing
    threat landscapes.



  • Bachelor’s degree in Computer
    Engineering or related field, with a minimum of 8 years of experience in
    Information Security
  • Hands on experience integrating
    applications with Okta SSO, MFA, API Management is must
  • Strong Operational support experience
    managing large enterprise IAM platform is critical
  • Minimum of 3 years of operational
    experience with the following product offerings: Okta , Oracle Unified
    Directory and CA Siteminder/SSO (12.52+), including implementation,
    installation, configuration & administration of various components.
  • Intimately familiar with IAM related
    protocols such as SAML, SCIM, OpenID and OAuth.
  • Minimum 3 years Unix/windows scripting
    and Perl experience
  • Good understanding of Network, storage,
    load balancer, firewall, Citrix, VMware
  • Experience in managing a team of 10+
    people (preferably in a onshore-offshore model)


Nice to have:


  • Strong understanding of cloud
    computing architecture, technical design and implementations, including
    Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software
    as a Service (SaaS) delivery models.
  • Working knowledge of Cloud
    Authentication and Access management Services.
  • Experience migrating legacy
    header-based applications to modern authentication standards such as SAML,
    OIDC, OAuth.
  • Strong analytical and clear-thinking
  • Excellent team skills and


Location – Remote work options
and open to candidates willing to relocate within the CONUS area



Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.


This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodations do not pose an undue hardship.


Click the following link for more information on your rights as an Applicant – http://www.capgemini.com/resources/equal-employment-opportunity-is-the-law

Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.







Posted on:

October 8, 2020

Experience level:


Education level:

Associate's Degree/College Diploma (±13 years)

Contract type: