DigiHelic Solutions - DevOps Security Engineer - CIAM Solutions

Location : Pune.

Experience : 8+ Years.

JD :

CIAM Deployment & Operations :

- Build and operate highly available CIAM infrastructure and applications using IaC.

- Automate the deployment and configuration of identity services (e.g., Transmit Security, Azure AD B2C, Auth0, ForgeRock, etc.)

- Integrate reverse proxies, WAFs (e.g., F5, Azure Front Door), and API gateways for internet-facing identity endpoints.

- Deploy and manage secure CIAM workloads in Azure (App Services, Kubernetes, Azure Functions, Key Vault, App Gateway).

Security Engineering & Hardening :

- Implement and enforce secure defaults for CIAM components (e.g., rate limiting, MFA enforcement, token protection).

- Automate secrets management and certificate rotation for CIAM services and dependencies.

- Integrate identity protection signals (risk-based access, fraud detection) with application workflows.

- Monitor infrastructure using native and bespoke tools and building custom dashboards for Engineering and Operations duties.

DevOps & CI/CD :

- Harden CI/CD pipelines for CIAM service delivery, including shift-left security scanning.

- Create reusable deployment patterns and modules for secure multi-region or multi-tenant CIAM deployments.

- Support developers in securely integrating with OAuth2, OIDC, SAML, and federation patterns.

Collaboration & Incident Support :

- Participate in security reviews for new customer-facing features or identity integrations.

- Act as an SME in CIAM-related incident response and postmortem analysis.

- Collaborate with product, development, and compliance teams to align on secure identity practices.

Required Qualifications :

- 8+ years in DevOps, Cloud Engineering, or Platform Security roles, ideally with CIAM experience.

- Hands-on experience with public cloud deployments (Azure preferred) and CI/CD automation.

- Deep understanding of internet-facing app security : TLS, WAFs, reverse proxies, JWT/OAuth token handling.

- Strong experience with infrastructure as code and scripting (Python, PowerShell, Bash).

- Familiarity with modern identity standards (OAuth2, OIDC, SAML) and threat models.

- Experience managing authentication and authorization services at scale for external users.

Preferred Qualifications :

- Experience with CIAM platforms like Transmit, ForgeRock, Auth0, Ping, or Azure AD B2C.

- Understanding of Zero Trust architectures.

- Familiarity with DDoS mitigation and secure web gateway integration.

- Exposure to cloud-native observability stacks and runtime security.

- Azure and IT security certifications.