Principal Systems Engineer

Job Description:

Principal, System Engineering

Job Description:

In this role on the Authentication Controls team, your primary responsibility will be to own and operate Authentication and MFA solutions handled in Fidelity’s Environment.  As a Principal SSO & MFA Engineer you need to lead the design, implementation, and optimization of enterprise authentication solutions. This role requires end-to-end ownership of projects, from requirements gathering through delivery, ensuring seamless integration of SSO and MFA across business and customer applications. The engineer will serve as a subject matter expert on identity and access security, driving adoption of modern authentication standards (SAML, OAuth, OIDC) and enforcing MFA and conditional access policies in alignment with Zero Trust principles. In addition to engineering and operational responsibilities, partnering with stakeholders to ensure compliance and business enablement, and proactively identifying and remediating authentication risks We operate in an Agile framework where you will have an opportunity to participate in sprint planning to provide prioritization, and realistic and achievable estimates. You will also contribute towards continuous improvement efforts aimed at increasing the efficiency and velocity of the team.

The Value You Deliver

Authentication Controls team is a critical part of the Access Controls and Engineering organization within Fidelity’s Enterprise Cybersecurity unit providing access and authentication services and solutions to users and applications across all of Fidelity’s business units.  Provide services to external business partners working with Fidelity.

The qualified candidate must be adaptable and able to work in a fast-paced environment where learning new skills and understanding new system architectures quickly is a key to success.  In this role you will engineer, deploy, support, and maintain vendor product solutions in the areas of single-sign on, web services API authorization, and two-factor authentication.  Our team provides services to hundreds of internal BU customers as well as external partners.  We leverage an agile development process and operate in a combined engineering / operations DevOps model.

The Skills that are Key to this role

Technical /  Behavioral

• 10+ years of IT experience
• Bachelor’s degree in computer science/engineering, Information Systems/Science, or a closely related discipline.
• Strong understanding on Authentication and Authorization.
• Work closely with Architecture teams to understand business requirement, work on PoC’s.
• Demonstrate strong technical skill set to guide team.
• Strong understanding of different SSO products like PingFederate, PingAccess, Microsoft EntraID.
• Strong understanding of MFA, password-less authentication, Zero Trust.
• Strong understanding of protocols like SAML, OAuth, OIDC and WS-Trust.
• Work closely with application teams in the enterprise to onboard applications for SSO.
• Experience on DR and resiliency, strong troubleshooting skills.
• Strong understanding of API’s.
• Member of DEVOPs team with on-call rotation responsibilities
• Exposure to automation would be an added benefit. Identify automation opportunities and drive the same. (Eg: Python, PowerShell)
• Good understanding of Cloud technology.
• Rotating on-call support .
• Excellent verbal and written communication skills.
• Strong in problem solving and analytical skills.
• Ability to work on multiple projects by prioritizing.
• Results oriented.
• Quick learner of new tools and technologies
• Cloud (Azure/AWS), Ping Identity, ITIL certificates are an advantage.

The Skills that are Good To Have for this role

• Good understanding of application life cycle management.
• Ability to work independently with minimal supervision in order to define and implement complex projects.
• Ability to provide project management and senior technical personnel consulting, including project definition and task identification.
• Good collaboration skills to work across different teams.
• Good documentation skills.
• Strong written and verbal communication skills to interact at all levels of the Fidelity organization, from senior executives to technical experts.

How Your Work Impacts the Organization

Enterprise Cyber Security (ECS) function aims to safeguard the information, assets and privacy of our customers and clients. Securing the information from a wide range of threats in order to ensure business continuity, minimize business risk, and maximize return on investments.

Certifications:

Category:

Information Technology