Job Description

About Xerox Holdings Corporation

For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we've expanded into software and services to sustainably power the hybrid workplace of today and tomorrow. Today, Xerox is continuing its legacy of innovation to deliver client-centric and digitally-driven technology solutions and meet the needs of today's global, distributed workforce. From the office to industrial environments, our differentiated business and technology offerings and financial services are essential workplace technology solutions that drive success for our clients. At Xerox, we make work, work. Learn more about us at www.xerox.com.
This position supports the Identity and Access Management (IAM) program within Xerox Cyber Security organization. The qualified candidate is responsible for building and deploying effective IAM: SSO/MFA/Enterprise Directory technologies, solutions, and processes across the enterprise in collaboration with business, IT and other Cyber Security professionals.

Primary Responsibilities:

Design, implement, and manage Identity and Access Management solutions to ensure secure and efficient user access to systems and applications. Set up and support Single Sign-On (SSO) and multi-factor authentication (MFA) across various applications and cloud services using Entra ID. Integrate IAM solutions with existing directory services and authentication/Single Sign-On solutions (i.e. Azure AD/Azure B2C/Azure App Proxy/ForgeRock etc.) Set up identity federation for secure access to external applications and resources. Develop and enforce IAM access policies, roles, and permissions across the organization. Single Sign-On (SSO): Configure and manage SSO solutions to yield stable and reliable user authentication experience. Multi-Factor Authentication (MFA): Implement and enforce MFA to enhance the security of cloud accounts. Identity Federation: Set up identity federation for secure access to external applications and resources. Collaborate with stakeholders to gather requirements and ensure IAM solutions meet business needs. Participate in security audits and assessments to ensure compliance with industry regulations. Collaborate with other IAM engineers and architects on major initiatives. Be a strong individual contributor who improves IAM service offerings. Develop and maintain IAM technical documentation (run books & procedures), code repositories, and development environments. Provide guidance to IAM operations team and serve as escalation point for resolving operational incidents. Operate as a technical subject matter expert and advise project teams regarding integration with IAM technologies.

Knowledge and Skills Required:

3+ years of experience in IAM engineering specializing in SSO/MFA/Enterprise Directory Services for various projects. Hands-on experience with Microsoft Entra ID, Conditional Access Policy, Enterprise App Registrations, Azure App Proxy, and Azure B2C etc. Proficiency in IAM protocols and standards (SAML, OAuth, OpenID Connect, WS-Fed etc.). Understanding of Web technologies including HTTP/HTTPS, cookies and session management Expertise in Identity and Authentication solutions such as Microsoft Active Directory / Azure Active Directory / ForgeRock. Proficiency in one or more programming and scripting languages: Java, C++, PowerShell, Perl, Python etc. Ability to troubleshoot and resolve issues related to authentication, authorization and SSO configurations. Strong understanding of security best practices and principles. Strong written and verbal communication skills Experience working across multiple teams on projects Strong organizational and attention to detail skills Uncompromising personal and professional integrity and ethics

Education and Experience Required:

B.S in computer science, information systems, information security, engineering or related fields. Minimum 3 years of experience in the field of IT services with experience in Single Sign-On (SSO), MFA, Identity Federation, and Conditional Access Policy etc. Industry-standard security (such as CISSP) or IAM certifications (Microsoft Entra ID/ForgeRock etc.) would be a plus.



#L1 - SM1


#L1 - REMOTE