B2C Identity Engineer

B2C Identity Engineer

The B2C Identity Engineer is responsible for designing, implementing, securing, and supporting customer-facing identity solutions using Azure Active Directory B2C, with a strong emphasis on custom policies, federation, and standards-based authentication. This role partners closely with application teams, Customer Data Management (CDM), security, and business stakeholders to deliver scalable and secure customer identity experiences while clearly articulating platform capabilities and limitations. The ideal candidate has deep technical expertise in identity protocols and Azure PaaS services, thrives in complex authentication flows, and can quickly develop mastery of internally supported B2C policies and provisioning models.

Key Responsibilities

• Identity Engineering & Platform Delivery
• Design, develop, and maintain Azure AD B2C Custom Policies using XML, claims transformations, orchestration steps, and extensions.
• Configure and manage Azure AD B2C application registrations, identity providers, user flows, and federation integrations.
• Implement and support authentication and authorization using OAuth 2.0, OpenID Connect (OIDC), and SAML.
• Develop and support identity-related services using:
• Azure Function Apps
• Azure App Services
• Azure Static Web Apps
• Azure Automation
• Support logging, monitoring, and troubleshooting using Azure Log Analytics and KQL.
• Participate in on call or escalation support for B2C authentication and federation issues.
• Policy & Platform Expertise
• Rapidly gain in-depth understanding of internally supported B2C custom policies, including:
• HRD (Home Realm Discovery)
• JIT 3
• EVD
• Spark Mobile
• Support platform evolution efforts, including:
• Transitioning away from JIT2
• Enhancing or refactoring existing custom policies
• Understand and clearly communicate:
• Azure AD B2C platform limitations
• What is supported today
• What could be enabled with development effort
• What is not feasible within the B2C platform
• Federation & Provisioning
• Support customer federation onboarding, including:
• Identity provider configuration
• Basic HRD and JIT3 federation patterns
• Partner communication and technical guidance
• Understand and support user provisioning and lifecycle processes across:
• Azure AD B2C
• CDM (Customer Data Management) or related downstream systems
• Collaborate with security and architecture teams to ensure compliant identity integrations.
• DevOps & Automation
• Contribute to and maintain Azure DevOps Repositories for B2C policies and supporting services.
• Build and maintain Azure DevOps CI/CD pipelines for:
• B2C custom policies
• Infrastructure-as-code (where applicable)
• Supporting application components
• Use Git for version control, branching, and peer review.
• Collaboration & Advisory
• Partner with application teams and developers to design secure and usable customer identity flows.
• Act as a trusted technical advisor to the business by translating identity concepts into clear, actionable guidance.
• Provide documentation and knowledge transfer to enable long-term platform sustainability.