Identity Infrastructure Engineer

About us:

Working at Tech Holding isn't just a job, it's an opportunity to be a part of something bigger. We are a full-service consulting firm that was founded on the premise of delivering predictable outcomes and high-quality solutions to our clients.  Our founders and team members have industry experience and have held senior positions in a wide variety of companies – from emerging startups to large Fortune 50 firms – and we have taken our combined experiences and developed a unique approach that is supported by the principles of deep expertise, integrity, transparency, and dependability.

About the Role

We are seeking an experienced Identity Infrastructure Engineer to drive our cloud application Identity Provider (IdP) migration initiative. This role will be responsible for migrating authentication and authorization solutions from legacy identity providers to modern identity solutions, ultimately enabling the full deprecation of virtualized application streaming services.

In this role, you will work with a cross-functional team to design and implement secure identity solutions while ensuring seamless transitions for users and applications. The ideal candidate has extensive experience with cloud identity services, directory services, and modern authentication systems.

Key Responsibilities

Technical Leadership & Architecture

• Contribute to the migration paths between identity providers and directory services
• Architect solutions addressing immediate authentication requirements
• Develop comprehensive identity architecture for sunsetting legacy systems
• Ensure all solutions comply with enterprise security standards
• Troubleshoot complex identity and access management issues

System Integration & Implementation

• Execute migration plans across multiple applications and systems
• Integrate with various cloud services and identity providers
• Build and maintain infrastructure as code (IaC) for identity solutions Develop automated identity workflows and migration processes

Discovery & Documentation

• Document existing identity components, directory integrations, and application dependencies
• Analyze and resolve authentication path issues
• Assess identity architecture security posture and recommend improvements

Project Management & Collaboration

• Work directly with application owners to understand and address specific authentication needs
• Coordinate with security teams to ensure compliance with security requirements
• Communicate effectively about migration status, timelines, and risk mitigation Provide regular status updates and documentation of completed work

Qualifications

Required Skills & Experience

• 5+ years of hands-on experience with AWS services
• 3+ years of experience implementing and managing identity federation solutions
• Deep knowledge of identity protocols (SAML, OAuth, OIDC, etc.)
• Strong experience with Okta, Active Directory, and LDAP
• Practical experience migrating between identity providers
• Experience with Control Tower and cross-account IAM permissions.
• Proficiency in infrastructure as code tools (CloudFormation, Terraform)
• Strong scripting skills (Python, Bash, PowerShell)
• Experience with CI/CD pipelines and DevSecOps practices

Nice to Have

• Familiarity with AWS Well-Architected principles.
• Previous experience with enterprise-scale identity migrations
• Experience with AWS AppStream or similar virtualization/streaming technologies
• Experience with legacy application authentication refactoring
• AWS Certifications:
  • Solutions Architect
  • Security Specialty
  • SysOps Administrator

Tech Holding is proud to be an Equal Opportunity Employer and is committed to fostering a diverse and inclusive workplace. We welcome applicants from all backgrounds and experiences, and we consider qualified applicants without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, disability, veteran status, or any other legally protected characteristic. If you require accommodation in the application process, please contact our HR