EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
We are seeking a Senior Software Engineer (Azure Identity) to join our identity transformation team and lead the migration from legacy authentication systems to secure, modern Microsoft Entra ID–based Single Sign-On (SSO) solutions.
Responsibilities
- Migrate application authentication from legacy protocols such as LDAP and Integrated Windows Authentication to Entra ID SSO using SAML or OIDC
- Classify applications, estimate migration effort and determine the optimal SSO pattern for each application, including SAML, OIDC/OAuth2, legacy, on-premises and SaaS
- Support hybrid identity prerequisites including UPN strategy, identity matching and duplicate resolution, with an understanding of Entra Connect and Cloud Sync impact
- Configure and onboard enterprise applications in Entra ID, including SSO setup, claims mapping, group and role assignments and SCIM provisioning
- Conduct testing, validation and cutover activities for migrated applications
- Support hybrid identity configurations such as Entra Connect and Cloud Sync
- Manage App Registrations, service principals, API permissions and consent, as well as credential lifecycle including secret and certificate rotation and expiry monitoring
Requirements
- Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity or a related field
- At least 3 years of experience in Azure Identity and Access Management
- Proven experience migrating application authentication from AD and other legacy IdPs to Microsoft Entra ID using SAML and OIDC/OAuth2, including cutover and rollback
- Experience with Microsoft Entra PIM and Azure RBAC, including eligible roles, JIT access, approvals, access reviews and auditability
- Excellent stakeholder management, communication and documentation skills
- Ability to work independently and collaborate effectively with cross-functional teams
- Proficiency in English, written and spoken (B2+)
Nice to have
- Experience implementing and configuring Microsoft Entra PIM, including eligible roles, JIT activation, approvals and time-bound access
- Knowledge of PIM deployment planning such as pilot testing, role discovery and communication strategies
We offer
- We believe that the greatest strength of the company is its people. EPAM is fully committed to help its employees to reach their full potential and achieve their professional goals through continues learning. With this in mind, we would like to introduce to you few of the many opportunities and services which we believe will help you expand your current knowledge:
- Full access to cutting-edge tools and technologies
- Competitive compensation depending on experience and skills
- All-around Social package: professional & soft skills training, medical & family care programs, sports
- Relocation opportunities
- Free English classes
- Unlimited access to LinkedIn learning solutions
- Continuous experience exchange with experts and professionals worldwide
- Friendly team and comfortable working environment
- Engineering, corporate, and social events within and outside the Company
- Flexible working schedule
- Opportunities for self-realization
