Job Description

Project description

One of the biggest UK rail network companies operating with rail infrastructure and asset management has a need to develop and support enterprise-level information systems.



This portfolio is key to company's function as it covers all of the infrastructure and sites/services. The Portfolio has several critical projects required to be delivered during next 2 years.



We are looking for a Solution Architect specialising in Single Sign On technologies. This will enable Users and systems to sign on to multiple systems locally and remotely without entering credentials each time.

Responsibilities

Technical Direction to assigned projects


Design assurance to all of NR Policies


Design approval via the NR Design processes.


SME for help when needed for infrastructure issues.


Hybrid-based, covering various Office location as and when required, 3 days/week office attendance.

Skills

Must have


SSO & IAM Expertise


Strong understanding of SSO protocols:


SAML 2.0, OAuth 2.0, OIDC (OpenID Connect)


Experience designing and implementing SSO architectures across enterprise applications


Deep knowledge of Identity Providers (IdPs) and Service Providers (SPs)


Hands-on Experience with SSO Platforms (Azure AD / Entra ID, Okta etc).


Experience with federation, multi-tenant SSO, and Just-in-Time (JIT) provisioning


Integration and Development


Ability to integrate SSO with cloud-based and on-prem applications


Knowledge of JWT, assertions, tokens, and claims transformation


Familiarity with SCIM for user provisioning/deprovisioning


Architecture & Security


Strong background in enterprise solution design


Experience with Zero Trust architecture and least privilege access


Understanding of compliance requirements (e.g., GDPR, HIPAA) related to identity


Cloud infrastructure knowledge (Azure, AWS, GCP) especially around IAM components


Knowledge of CI/CD pipelines and how auth impacts DevSecOps


Familiarity with mobile app SSO integration (deep linking, PKCE)


Experience working with legacy apps that need modern auth retrofitted


Multi-factor authentication (MFA) solutions and passwordless strategies


Nice to have


Strong stakeholder communication


explaining auth concepts to non-techs


Security-minded but practical


balances user experience with risk


Experience leading SSO migrations or consolidation projects

Other

Languages


English: B2 Upper Intermediate


Seniority


Senior



Milton Keynes, United Kingdom of Great Britain and Northern Ireland


Req. VR-116109


Solution/Integration Architecture


Cross Industry Solutions


22/07/2025


Req. VR-116109