B2C Identity Engineer

The B2C Identity Engineer is responsible for designing, implementing, securing, and supporting customer-facing identity solutions using Azure Active Directory B2C, with a strong emphasis on custom policies, federation, and standards-based authentication. This role partners closely with application teams, Customer Data Management (CDM), security, and business stakeholders to deliver scalable and secure customer identity experiences while clearly articulating platform capabilities and limitations.
The ideal candidate has deep technical expertise in identity protocols and Azure PaaS services, thrives in complex authentication flows, and can quickly develop mastery of internally supported B2C policies and provisioning models.
________________________________________
Key Responsibilities
Identity Engineering & Platform Delivery
• Design, develop, and maintain Azure AD B2C Custom Policies using XML, claims transformations, orchestration steps, and extensions.
• Configure and manage Azure AD B2C application registrations, identity providers, user flows, and federation integrations.
• Implement and support authentication and authorization using OAuth 2.0, OpenID Connect (OIDC), and SAML.
• Develop and support identity-related services using:
o Azure Function Apps
o Azure App Services
o Azure Static Web Apps
o Azure Automation
• Support logging, monitoring, and troubleshooting using Azure Log Analytics and KQL.
• Participate in on call or escalation support for B2C authentication and federation issues.

Policy & Platform Expertise
• Rapidly gain in-depth understanding of internally supported B2C custom policies, including:
o HRD (Home Realm Discovery)
o JIT 3
o EVD
o Spark Mobile
• Support platform evolution efforts, including:
o Transitioning away from JIT2
o Enhancing or refactoring existing custom policies
• Understand and clearly communicate:
o Azure AD B2C platform limitations
o What is supported today
o What could be enabled with development effort
o What is not feasible within the B2C platform

Federation & Provisioning
• Support customer federation onboarding, including:
o Identity provider configuration
o Basic HRD and JIT3 federation patterns
o Partner communication and technical guidance
• Understand and support user provisioning and lifecycle processes across:
o Azure AD B2C
o CDM (Customer Data Management) or related downstream systems
• Collaborate with security and architecture teams to ensure compliant identity integrations.

DevOps & Automation
• Contribute to and maintain Azure DevOps Repositories for B2C policies and supporting services.
• Build and maintain Azure DevOps CI/CD pipelines for:
o B2C custom policies
o Infrastructure-as-code (where applicable)
o Supporting application components
• Use Git for version control, branching, and peer review.

Collaboration & Advisory
• Partner with application teams and developers to design secure and usable customer identity flows.
• Act as a trusted technical advisor to the business by translating identity concepts into clear, actionable guidance.
• Provide documentation and knowledge transfer to enable long-term platform sustainability.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

• Strong hands-on experience with Azure AD B2C, specifically Custom Policies.
• Solid understanding of identity and access management concepts, including:
o Claims-based authentication
o Federation
o Single sign-on (SSO)
• Experience implementing and troubleshooting OAuth 2.0, OIDC, and SAML integrations.
• Proficiency in:
o C#
o JavaScript
o PowerShell
o XML
o Git
• Experience working with Azure PaaS services, including Function Apps and App Services.
• Experience with CI/CD pipelines using Azure DevOps.
• Strong analytical and troubleshooting skills in complex, distributed systems.
• Comfortable operating in ambiguous or evolving identity environments.
• Strong documentation and communication skills.

• Experience supporting large-scale, customer-facing identity platforms.
• Deep experience with Azure AD B2C policy extensibility, REST technical profiles, and external claims providers.
• Working knowledge of KQL and Azure Monitor for identity diagnostics.
• Familiarity with identity-related security practices (conditional access concepts, token validation, least privilege).
• Experience communicating architectural tradeoffs to non-technical stakeholders.

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.