Customer Identity & Access Management (CIAM) Engineer
Indexed description
About the role you are considering:
We are looking for a skilled CIAM Engineer with expertise in Transmit Security and Apigee to build secure, scalable, and seamless customer authentication solutions. The role focuses on password less authentication, fraud prevention, API security, and identity lifecycle management across web and mobile platforms.
Customer Identity & Authentication
- Design and implement Transmit Security CIAM solutions
- Enable password less authentication, adaptive MFA, and risk-based authentication (RBA)
- Implement FIDO2/WebAuthn, passkeys, biometrics, OTP, and push authentication
- Build authentication and registration journeys using Transmit Journey Orchestration
- Configure OIDC, OAuth 2.0, and SAML flows
- Manage identity lifecycle registration, login, step-up auth, recovery, consent, profile updates
- Use MongoDB for storing profiles, session data, device fingerprints, and fraud telemetry
Fraud & Risk Intelligence
- Integrate Transmit Risk & Fraud Intelligence via Apigee
- Apply device, behavioral, and network signals for authentication decisions
- Implement real-time risk scoring to prevent ATO, credential stuffing, and bot attacks
- Align fraud rules with Transmit policies and Apigee enforcement
Platform Engineering & DevOps
- Deploy solutions on AWS/GCP
- Build CI/CD pipelines using Infrastructure-as-Code
- Manage secrets, tokens, and certificates securely
- Ensure high availability, scalability, and performance
Security & Compliance
- Apply Zero Trust principles across identity and API layers
- Ensure compliance with PCI-DSS, SOC 2, GDPR
- Support audits with logs, access records, and fraud reports
- Perform threat modeling and security reviews
Apigee & API Integration
- Develop Apigee API proxies for identity and fraud services
- Implement OAuth/OIDC mediation, JWT validation, token introspection
- Configure policies for rate limiting, threat protection, and payload transformation
- Enable API security, analytics, and monitoring
- Support integrations across channels, CIAM, and backend systems
Troubleshooting & Optimization
- Resolve issues in authentication, tokens, and API proxies
- Optimize performance and user experience
- Promote adoption of passwordless and low-friction authentication
Required Skills
- Experience with Transmit Security and Apigee
- Knowledge of OAuth 2.0, OIDC, SAML, FIDO2/WebAuthn
- Hands-on with AWS/GCP, MongoDB, API security, CI/CD
- Strong understanding of Zero Trust and identity security
Capgemini offers a comprehensive, non-negotiable benefits package to all regular, full-time employees. In the U.S. and Canada, available benefits are determined by local policy and eligibility and may include
- Paid time off based on employee grade (A-F), defined by policy Vacation 12-25 days, depending on grade, Company paid holidays, Personal Days, Sick Leave
- Medical, dental, and vision coverage (or provincial healthcare coordination in Canada)
- Retirement savings plans (e.g., 401(k) in the U.S., RRSP in Canada)
- Life and disability insurance
- Employee assistance programs
- Other benefits as provided by local policy and eligibility
Important Notice Compensation (including bonuses, commissions, or other forms of incentive pay) is not considered earned, vested, or payable until it becomes due under the terms of applicable plans or agreements and is subject to Capgemini’s discretion, consistent with applicable laws. The Company reserves the right to amend or withdraw compensation programs at any time, within the limits of applicable legislation.
Disclaimers
Capgemini is an Equal Opportunity Employer encouraging inclusion in the workplace. Capgemini also participates in the Partnership Accreditation in Indigenous Relations (PAIR) program which supports meaningful engagement with Indigenous communities across Canada by promoting fairness, accessibility, inclusion and respect. We value the rich cultural heritage and contributions of Indigenous Peoples and actively work to create a welcoming and respectful environment. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.
This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodation does not pose an undue hardship. Capgemini is committed to providing reasonable accommodation during our recruitment process. If you need assistance or accommodation, please reach out to your recruiting contact.
Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.
Click the following link for more information on your rights as an Applicant in the United States. http//www.capgemini.com/resources/equal-employment-opportunity-is-the-law
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search