Enterprise Authentication Architect
United States,
New York
Permanent
Job ID: 2223
Job Description
[c. $400-500k Comp Package | Hybrid Working - 3 Days in Office]
Are you a seasoned authentication expert ready to take full ownership of enterprise-wide Single Sign-On (SSO) and Multi-Factor Authentication (MFA) solutions? Our client, a technology-driven firm operating at scale, is looking for an SSO & MFA Lead Architect (new hire) to optimise their existing Okta environment and spearhead the transition to Entra ID. This role blends high-level architecture, hands-on engineering, and direct collaboration with application developers to ensure secure and seamless authentication for a fast-paced organisation...
Key Responsibilities
- Oversee and refine the firm’s SSO and MFA framework, serving as the go-to expert for Okta and Entra ID
- Lead the migration from Okta to Entra ID, ensuring efficient integration across cloud and on-prem systems
- Work closely with development teams to embed secure authentication into thousands of daily application releases
- Architect and implement scalable authentication solutions that enhance security while minimising user friction
- Transition legacy authentication protocols (Kerberos, NTLM, LDAP) to modern standards (SAML, OIDC, WS-Fed)
- Strengthen authentication by adopting passwordless and phishing-resistant solutions such as biometrics, passkeys, and FIDO2
- Diagnose and resolve complex authentication and access issues, ensuring uninterrupted operations
- Collaborate on privileged access strategies within Entra ID, working with wider security teams
Key Requirements
- 5+ years of experience designing and implementing enterprise authentication solutions, with deep expertise in Okta and Entra ID
- Strong knowledge of Active Directory, Kerberos, and identity federation for hybrid cloud environments
- Experience leading SSO platform migrations in large-scale organisations
- Ability to engage with engineering teams to integrate secure authentication workflows across applications
- Proficiency in conditional access, adaptive authentication, and zero-trust frameworks
- Familiarity with privileged access management (e.g. CyberArk, Entra ID) and identity governance (e.g. SailPoint) is advantageous
- Strong automation and API integration skills for authentication processes
- Excellent communication skills to influence stakeholders and translate security into business value
...
Apply for this role
All fields marked with * are required.