We are looking for a Senior IAM Engineer who is deeply hands on and passionate about building secure, scalable Single Sign On (SSO) and identity orchestration solutions. This is a pure individual contributor role focused on design, integration, automation, and troubleshooting—ideal for engineers who enjoy solving complex identity and authentication challenges in enterprise environments.
You will work closely with application, platform, and security teams to deliver robust identity solutions using Microsoft Entra ID, Okta, or OneLogin, while leveraging strong scripting, API, and infrastructure fundamentals.
• Design, build, and support SSO integrations using Microsoft Entra ID, Okta, or OneLogin.
• Develop and maintain custom SSO plugins and connectors for internal and third party applications.
• Implement and troubleshoot SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), and SCIM integrations.
• Build and manage identity orchestration workflows for user provisioning, de provisioning, and access lifecycle management.
• Integrate IAM platforms with applications and services using REST APIs.
• Create and maintain scripts using Python and PowerShell to support IAM operations and automation.
• Work with infrastructure components such as TLS and certificate lifecycle management.
• Support SSO integrations involving DNS, reverse proxies, load balancers, and network security controls.
• Ensure IAM implementations follow security best practices and enterprise standards.
• 7–10 years of hands on experience in Identity and Access Management (IAM) or security engineering roles.
• Strong, practical experience implementing SSO with Azure Entra ID.
• Proven experience developing custom SSO plugins or integrations.
• Solid understanding of identity orchestration concepts and user lifecycle management.
• Strong scripting skills with Python and PowerShell.
• Experience working with REST APIs for identity and application integrations.
o Hands on experience with at least 2 SSO platform - Microsoft Entra ID, Okta, OneLogin
• Strong infrastructure fundamentals, including:
o TLS / certificate lifecycle management
o DNS
o Reverse proxies
o Load balancers
At Tesco, inclusion is at the heart of everything we do. We believe in treating everyone fairly and with respect, valuing individuality and uniqueness to create a true sense of belonging. Diversity and inclusion are deeply embedded in our values—we treat people how they want to be treated. Our goal is for all colleagues to feel they can be themselves at work, and we are committed to helping them thrive. Across the Tesco group, we are building an inclusive workplace that actively celebrates the cultures, personalities, and preferences of our colleagues, who in turn contribute to the success of our business and reflect the diversity of the communities we serve.
At Tesco Bengaluru, we are proud to be a Disability Confident Committed Employer, highlighting our commitment to creating a supportive environment for individuals with disabilities. We are dedicated to offering equal opportunities for all candidates and encourage applicants with disabilities to apply. Our recruitment process is fully accessible, and we are happy to provide reasonable adjustments during interviews. If you need any accommodations to participate in the recruitment process, please let us know. We are here to ensure that everyone has the chance to succeed.
We also believe in fostering a work environment where you can excel both professionally and personally. Our hybrid model allows you to work flexibly—spend 60% of your week collaborating in person with colleagues at our office locations or local sites, and the rest of the time working remotely. We understand that everyone’s life journey is unique, whether you are starting your career, pursuing passions, or navigating life changes, and we are here to support you. Flexibility is a core part of our culture, and we encourage open conversations about how we can best accommodate your needs, so talk to us throughout your application process on the support required.