Azure AD B2C Architect

Role DescriptionPosition: Azure AD B2C ArchitectLocation: Houston, TexasEmployment Type: ContractExperience Level: 8+ yearsPosition Overview:We are seeking an experienced Azure AD B2C Architect to lead the implementation, adoption, and support of Azure Active Directory B2C for our business unit. The project has three primary objectives:The first objective (Initial Configuration) of the project is to set up and configure Azure AD B2C, including scripting the deployment using Azure DevOps Pipelines. This will involve defining custom policies with login and registration flows, registering the application, and configuring the appropriate settings, etc.The second objective of the project is to provide implementation for subsequent business units that may require Azure AD B2C in the future. This will include an overview for expanding the Azure AD B2C environment, including the necessary infrastructure, licenses, and resources required.The third objective of the project to provide ongoing maintenance and support for the Azure AD B2C environment for BUs. This will include regular monitoring, troubleshooting and support as needed. This will commence after Initial Configuration has been deployed into ring.Responsibilities:Azure B2C Implementation best practices and ArchitectureAdvise and Configure Azure B2C tenant, including multi-tenant setups and user flows.Architect and implement custom policies and user flows tailored to business needs.Configure identity providers (e.g., Google, Facebook, Microsoft), ensuring seamless integration and user experience.Implement and manage **custom domains**, branding, and scaling strategies for B2C in production environments.Security & Best PracticesEnsure the security of user identities, including implementing Multi-Factor Authentication (MFA).Manage and rotate application secrets using Azure Key Vault and managed identitiesImplement and manage OAuth2 flows, token expiry, and refresh strategies across multiple environments and technologies.Migration Strategy & ExecutionPlan and execute migration from legacy authentication systems to **Azure B2C** with minimal disruption.Design a phased migration approach to ensure smooth transitions with minimal user downtime.Cross-Application Identity HandlingArchitect solutions for synchronized user authentication across Classic ASP and .NET Core applications.Implement Single Sign-On (SSO) strategies across legacy and modern applications.Develop session and token management strategies that ensure seamless operation between different technologies and environments.Collaboration & LeadershipCollaborate with engineering, security, and product teams to align identity management solutions with business objectives.Provide technical leadership and mentorship to engineering teams to ensure best practices are followed.Document architecture, design decisions, and provide guidance for maintaining Azure B2C environments.Requirements:5+ years of experience with Azure Active Directory B2C architecture, configuration, and administration.In-depth knowledge of custom policies, user flows, and identity provider integration.Strong experience with OAuth2, OpenID Connect, and SAML protocols.Hands-on experience with Azure Key Vault, Azure Managed Identities, and Azure AD Conditional Access.Familiarity with migrating legacy authentication systems to **Azure B2C** and managing hybrid environments.Experience with Single Sign-On (SSO) solutions and identity synchronization across legacy and modern apps (Classic ASP and .NET Core).Strong understanding of security best practices in user identity management, MFA, and secrets management.Ability to design and implement token management strategies across distributed systems.Excellent communication skills and the ability to collaborate with cross-functional teams.Microsoft Azure certifications (e.g., AZ-500, AZ-300) are a plus.Preferred Skills:Experience with Classic ASP and .NET Core identity management.Strong analytical skills and problem-solving abilities.Experience leading teams in complex cloud-based architecture projects.