CIAM Engineer

CIAM Engineer Location: Newark, CA Duration: 6 month Contract Pay Rate: $65-$75/hourly (W2) Requirements 1. Minimum 7 years experience with Protocols: Deep expertise in OAuth2, OIDC, SAML, and JWT (JSON Web Tokens). 2. Minimum 7 years experience with Development: Proficiency in JavaScript/Node.js/React (since Auth0 Actions/Rules run on Node) and familiarity with frontend frameworks like React, Angular, or Vue. 3. Identity Concepts: Understanding of RBAC (Role-Based Access Control), ABAC (Attribute-Based Access Control), and Fine-Grained Authorization (FGA). 4. Minimum 7 years experience with APIs: Strong experience with RESTful API design and secure system-to-system communication (M2M). Role Overview The CIAM Specialist (7+ years of experience) is responsible for designing, implementing, and securing the Customer Identity layer of customer-facing applications. This role focuses on seamless user registration, high-scale authentication, application integration and protecting customer data along with the user experience. Key Responsibilities Solution Architecture: Design end-to-end authentication and authorization flows using OAuth 2.0, OpenID Connect (OIDC), and SAML. Auth0 Implementation: Configure and manage Auth0 Tenants, including custom Actions, Rules, and Hooks to extend platform functionality. Integration: Embed Auth0 SDKs into various application environments (SPAs, Mobile, and Microservices) and integrate with third-party Identity Providers (IdPs) like Google, Apple, or enterprise SAML providers. Security & Compliance: Implement Multi-Factor Authentication (MFA), Adaptive MFA, and Bot Detection. Ensure the platform meets regulatory standards like GDPR, CCPA, or HIPAA. Customization: Develop custom sign-up/login pages (Universal Login) and implement branding that matches the company’s digital identity. Automation (IdC): Manage identity configurations as code using Terraform or the Auth0 Deploy CLI to ensure consistent environments across Dev, Staging, and Production. User Migration: Designing and executing scripts for "Lazy Migration" or bulk imports of user data from legacy databases into Auth0 without forcing password resets. Debugging & Observability: Utilizing the Auth0 Dashboard, log streaming (to tools like Splunk or Datadog), and the Management API to troubleshoot failed authentication flows and token issues. Custom Login Flows: Developing and styling Universal Login pages to provide a consistent brand experience across multiple web and mobile properties. Required Technical Skills Protocols: Deep expertise in OAuth2, OIDC, SAML, and JWT (JSON Web Tokens). Development: Proficiency in JavaScript/Node.js/React (since Auth0 Actions/Rules run on Node) and familiarity with frontend frameworks like React, Angular, or Vue. APIs: Strong experience with RESTful API design and secure system-to-system communication (M2M). Identity Concepts: Understanding of RBAC (Role-Based Access Control), ABAC (Attribute-Based Access Control), and Fine-Grained Authorization (FGA). Candidate Requirements Years of Experience Required: 7+ overall years of experience in the field. Degrees or certifications required: Bachelor's degree preferred . Auth0 Certification: Professional or Expert level certification preferred. Preferred Qualifications Auth0 Certification: Professional or Expert level certification. Cloud Platforms: Experience with AWS, Azure, or GCP identity services. Security Tools: Familiarity with SIEM/SOAR integrations (e.g., Splunk, Datadog) for monitoring identity threats. Directory Services: Experience with LDAP, Active Directory, or other user stores. Applicants should apply via The Mice Groups Inc. website (www.MiceGroups.com) or through this careers site posting. We are an equal opportunity employer and value diversity at The Mice Groups Inc. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Pursuant to the Los Angeles Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. The Mice Groups Inc. values your privacy. Please consult our Candidate Privacy Notice, for information about how we collect, use, and disclose personal information of our candidates. Privacy Policy One of the basic principles The Mice Groups follows in designing and operating this website is that we ask for only the information we need to provide the service you’ve requested. The Mice Groups does not currently collect personal identifying information via its website except (i) to the extent that you provide this information in an online job application and (ii) to the extent that your web browser provides personal identifying information. The Mice Groups will use your personally identifying information solely for the purpose for which you submitted the information. The Mice Groups may, however, aggregate certain elements of your personal identifying information with the information of other users of our website to analyze the usefulness and popularity of various web pages on its website. The Mice Groups reserves the right to change this policy at any time by posting a new privacy policy at this location. Questions regarding this statement should be directed to info@micegroups.com