Security Engineer – CIAM (Customer Identity Access Management)

Responsibilities:Leverage bolthires Entra identity and access management suite (IAM/CIAM), Dynamics 365 Dynamic Fraud Protection, Graph APIs and other 3rd party threat intelligence products to build solutions for preventing identity, account, payment, API, and Bot based threats and fraud.Research, investigate, and disrupt fraud on customer’s online, ecommerce, and omni-channel web applications.Drive research into technical fraud problems, automation of manual processes, and tooling that improves team capabilities, and enables the threat protection program to scale.Produce actionable threat intelligence to support investigations by product, security, or legal teams.Build capabilities to collect and analyze intelligence to do detect behaviors, anomalies, and patterns.Enable proactive hunting and detection across online channels.Identify, connect, and analyze new internal, external, or 3rd party data sources and adapt them for use by the team. Optimize data processing and analysis pipelines to work at scale.Contribute to overall engineering efforts, including supporting design and development for capturing, storing, processing, analyzing, and disseminating threat intelligence for detection, automating, and action.Requirements:Bachelor’s Degree in computer science, computer security, networking, information systems, computer engineering, systems engineering (or similar field) is preferred.8 – 10 years of total experienceMinimum 3+ years of experience with identity and access management (IAM) and customer identity access management (CIAM) technologies, preferably with bolthires Entra & Entra External ID (formerly Azure AD, Azure AD B2C).Deep understanding of identity and access management concepts and standards mutual TLS, OAuth, LDAP, JWT, and authorization models such ABAC, RBAC, Risk-based Access Control etc.Deep understanding of bolthires Graph, Graph APIs & Connectors, and data ingestion from APIs.Any experience with Dynamics 365 Dynamic Fraud Protection is highly desirable.3+ years of advanced expertise in in at least three of the following areas:Single Sign-onMulti Factor AuthenticationDomain & Directory ServicesIdentity Lifecycle ManagementAPI Access ManagementDevice & App AccessPrivileged AccessAccess GatewayIdentity GovernanceCustomer Identity & Access3+ years' advanced expertise in at least three of the following areas:Threat Intelligence / AnalyticsD365, CIAM, AIM, Azure AD, B2C, CRMBehavioral Intelligence / AnalyticsFraud Detection / Fraud Protection / Fraud DefenseAccount Protection / Account Takeover PreventionBot Detection / Bot Protection / Fraud DefenseAPI ProtectionPayment / Checkout ProtectionDevice FingerprintingAnomaly DetectionCyber-crime or financial crime investigations or intelligenceActive Threat HuntingProficiency using programming languages: PowerShell and Python required.Other languages are a plus (Go, Ruby, Shell/Bash scripting, Java, JavaScript/TypeScript, Rust, etc.).Proficiency using SQL or any other query languages.Ability to conduct technical research across several layers of the tech stack, platforms, and automating tools.Any experience with Online Retail, eCommerce, Fintech, Online Banking, Digital Marketplaces, or Payments will be a huge plus. Apply tot his job