Azure AD B2C DevOps Engineer (IEF) - Contract - London

We are supporting a large, internationally recognised organisation within the healthcare and insurance sector who are undertaking a major identity modernisation initiative. They are seeking an experienced Azure AD B2C DevOps Engineer with deep Identity Experience Framework (IEF) expertise to design, secure and operationalise advanced customer authentication journeys as part of a strategic platform transformation.

INSIDE IR35
HYBRID WORKING

Key Responsibilities

Identity Experience Framework (IEF) Design & Engineering

• Develop, customise, and maintain complex IEF- based policies including:

  • User registration with enriched claims

  • Sign-in journeys for both local and federated identities

  • Password reset, account recovery and profile update flows

  • Multi-Factor Authentication (email, SMS, authenticator app)

• Embed custom UI templates ensuring visual alignment with the client's ecosystem, branding and localisation standards.

Application & Tenant Configuration

• Register and configure applications (portals, admin tools, APIs) within Azure AD B2C.

• Establish multi-tenant trust models enabling authentication across multiple Azure AD directories.

• Configure federated identity providers using OpenID Connect and SAML.

• Implement claims transformation logic to unify identity attributes from different identity sources.

Security & Compliance

• Define token lifetimes, refresh behaviours, signing/encryption key usage and secure token policies.

• Apply modern identity security standards including:

  • PKCE

  • Strict HTTPS redirect enforcement

  • Removal of implicit flows

• Support conditional access, MFA enforcement and identity security hardening.

Testing, Deployment & Documentation

• Validate end-to-end policy journeys across DEV, UAT and PROD environments.

• Support automated deployment, policy versioning and dependency management.

• Produce detailed documentation covering the trust framework, structures, extensions and operational runbooks.

Knowledge Transfer

• Deliver technical handover sessions to internal identity and IT teams.

• Provide deployment scripts, documentation and ongoing support guidance.

• Advise on scalability, long-term support and future policy enhancements.

Required Skills & Experience

• Proven hands-on experience with Azure AD B2C IEF Policy Authoring:

  • TrustFrameworkBase.XML

  • TrustFrameworkExtensions.XML

  • RelyingParty.XML

• Strong understanding of:

  • OAuth 2.0

  • OpenID Connect

  • SAML

  • JWT claims mapping

• Evidence of:

  • Multi-tenant Azure AD trust models

  • OIDC/SAML identity provider federation

  • Integration of custom RESTful claims services

• Capability to embed custom HTML/CSS templates within user journeys.

• Working knowledge of:

  • API registrations

  • Service Principals

  • App Roles and Delegated Permissions