Solutions Architect
Brillio
Job Description
We are looking for an experienced Solution Architect with a strong software development background and deep expertise in AWS Cognito to design and implement secure, scalable, and cloud-native Identity and Access Management (IAM) solutions.
The ideal candidate should have hands-on experience in designing Customer Identity and Access Management (CIAM) solutions, integrating identity providers, and building authentication and authorization services using AWS Cognito. Experience with Okta or Ping Identity is highly desirable.
Key Responsibilities
- Design and architect enterprise-grade identity and access management solutions using AWS Cognito.
- Lead the design and implementation of CIAM solutions for customer-facing applications.
- Develop secure authentication and authorization frameworks using OAuth 2.0, OpenID Connect (OIDC), and SAML 2.0.
- Design user authentication flows, including MFA, password less authentication, social login, and federation.
- Integrate AWS Cognito with enterprise applications, APIs, and third-party identity providers.
- Work closely with application development teams to implement secure identity services.
- Develop reusable authentication libraries, APIs, and SDK integrations.
- Architect secure API authentication using JWT, OAuth, and Cognito User Pools.
- Design Identity Federation with enterprise identity providers such as Okta, Ping Identity, or Microsoft Entra ID.
- Ensure compliance with security best practices, Zero Trust principles, and regulatory requirements.
- Participate in architecture reviews, code reviews, and technical design discussions.
- Support CI/CD implementation and Infrastructure as Code (IaC) for identity services.
- Provide technical leadership and mentor development teams on identity architecture.
Required Technical Skills
AWS Identity Services (Mandatory)
- AWS Cognito (Essential)
- User Pools
- Identity Pools
- Hosted UI
- Lambda Triggers
- Custom Authentication Flows
- Federation
- JWT Tokens
- Groups and Roles
- Multi-Factor Authentication (MFA)
Identity & Access Management
- IAM concepts
- Customer Identity and Access Management (CIAM)
- Role-Based Access Control (RBAC)
- Attribute-Based Access Control (ABAC)
- Identity Federation
- Single Sign-On (SSO)
Authentication Protocols
- OAuth 2.0
- OpenID Connect (OIDC)
- SAML 2.0
- JWT
- PKCE
Cloud Platforms
- AWS
- API Gateway
- Lambda
- CloudFront
- Route 53
- CloudFormation / Terraform
Development Skills
- Java or Node.js (preferred)
- Python (good to have)
- RESTful APIs
- Microservices
- Spring Boot (if Java)
- AWS SDKs
DevOps
- Git
- CI/CD pipelines (GitHub Actions, Jenkins, AWS Code Pipeline)
- Docker
- Kubernetes/EKS (preferred)
- Infrastructure as Code (Terraform or CloudFormation)
Preferred Skills
- Experience with Okta, Ping Identity, or Microsoft Entra ID.
- Experience designing multi-tenant identity solutions.
- Hands-on experience with Zero Trust security architecture.
- Knowledge of AWS Well-Architected Framework.
- Experience integrating identity services with mobile and web applications.
- Exposure to serverless application architectures.
- Understanding security standards such as PCI DSS, GDPR, HIPAA, or SOC 2.
Experience
- 10+ years of software development and solution architecture experience.
- Minimum 5 years of hands-on experience with AWS Cognito.
- Proven experience designing enterprise IAM/CIAM solutions.
- Experience delivering cloud-native applications on AWS.
- Strong background in secure application development and API security.
Required Skills
Share
Quick Apply
Upload your resume to apply for this position