Manager, SSO Federation

Tech Remote, United States Req. UMG-5346


We are UMG, the Universal Music Group. We are the world’s leading music company. In everything we do, we are committed to artistry, innovation, and entrepreneurship. We own and operate a broad array of businesses engaged in recorded music, music publishing, merchandising, and audiovisual content in more than 60 countries. We identify and develop recording artists and songwriters, and we produce, distribute, and promote the most critically acclaimed and commercially successful music to delight and entertain fans around the world.

How you’ll LEAD:

We are currently seeking a Manager in SSO and Federation space with deep level expertise in Azure federation services including ADFS, Azure B2B and B2C, and Azure Risk Identity Product offerings.

A successful candidate will bring deep technical and software expertise, strong business acumen and judgment. Utilizing your experience with on-prem and Cloud IAM services you will manage the team to transition applications to Azure making use of Identity Federation protocols such as SAML2, WS-Federation, Kerberos, OAuth2 and OpenID Connect (OIDC).  You also must have experience and understanding of modern Identity & Access Management concepts and best practice.

In addition to having strong technical skills, you must be comfortable in effectively communicating with business end users, technical IT teams, business partners, network providers, and business process outsourced vendors, all while being sensitive to a wide diversity of cultural and technical backgrounds in a global business environment.

How you’ll CREATE:

  • Ability to manage application movement to modern authentication in the multi-cloud environment through use of SSO and Federation. 
  • Manage a team that help Design, develop, deploy, integrate, and support Single Sign On (SSO) using DevOps model for all types of devices.
  • Manage a team that help Develop, maintain, support, and troubleshoot UMG’s in house and vendor applications hosted in Private/Public Clouds,
  • Plan and develop security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure. 
  • Produce and implement enterprise-level designs for Azure authentication and on prem AD, as wells as Azure AD/B2B authentication for global initiatives.  
  • Collaborate with infrastructure and operations teams to provide architectural and technical guidance. 
  • Lead steady state and continuous improvement efforts for Authentication technologies for globally diverse solutions. 
  • Coordinate between infrastructure, application, and threat monitoring teams to ensure the timely and successful delivery of solutions. 
  • Provide support for the Identity and Authentication team.  
  • Support the enterprise SSO platform to enable a secure and enhanced authentication experience for enterprise users.  
  • Knowledge and experience with information security, Authorization and Authentication systems, infrastructure and implementation techniques is a key component to this role. 
  • Maintain accurate documentation of processes for areas of responsibility. 

Bring your VIBE:

  • 10+ years of experience in Federation space and 3+ years of experience managing a team
  • Thorough knowledge and work experience on Azure Active Directory Federation Services and related authentication/authorization technologies
  • Strong hands-on experience with industry standard SSO technologies and protocols (SAML, OAuth2.0, OpenID Connect, WS-Fed, FIDO, SCIM, LDAP, Kerberos, NTLM) 
  • Understanding of API design concepts, RESTful Services, and modern application interaction patterns 
  • Strong hands-on experience with securing APIs with OAuth 2.0 and other means.
  • Experience in extending or integrating on premises AD with Azure based AD
  • Expert Knowledge on Azure AD conditional access as well as Azure B2B /B2C
  • Experience in creating application configuration in Azure AD Federation and supporting SSO infrastructure including conditional access.
  • Hands on experience on tools like SCOM, App Insight, Splunk etc.
  • Ability to utilize various programming or scripting languages such as Shell scripting, Perl, Python, JavaScript, HTML and PowerShell 
  • Familiarity with deployments and integration of IAM solutions within the cloud (Azure, AWS, GCP) 
  • Experience in managing large-scale, global projects and programs 
  • Familiarity with IT security and risk management practices 
  • Bachelor’s Degree in Computer Science, Engineering, Network Security, or related field
  • Demonstrated excellent technical writing skills and team management experience
  • IT Certifications including Microsoft Certifications, CISSP, SANS, Security+, and ITIL v3 Foundation certifications
  • International experience beneficial; multiple language skills a plus

Perks Playlist:

  • Competitive Compensation Package including Salary, Benefits and Generous 401k Savings Plan
  • Paid Time Off – Paid Holidays, “Winter Break”, Summer Fridays
  • Student Loan Repayment Assistance
  • Employee Developmental Support
  • Annual Gym Reimbursement Package
  • Pet Insurance, plus much more!

Universal Music Group is an Equal Opportunity Employer

Disclaimer: This job description only provides an overview of job responsibilities that are subject to change