Single Sign On Engineer

Metlife Solutions Pte Ltd – Kuala Lumpur, Kuala Lumpur

Shortlisted Candidates will be invited to join MetLife's KL IT Infrastructure Engineering Challenge Hackathon event on 31st January 2026

The Single Sign-On (SSO) Engineer is responsible for designing, implementing, and supporting secure authentication and identity federation solutions across MetLife’s enterprise environment. This role ensures seamless, secure access to applications and services for employees and customers, leveraging SSO protocols and platforms (such as Entra, Ping Identity, Okta, and SAML/OAuth/OIDC standards). The SSO Engineer collaborates with security, infrastructure, and application teams to deliver robust, scalable, and compliant authentication experiences.

SSO Solution Design & Implementation:

Design, configure, and maintain SSO solutions using protocols such as SAML, OAuth, and OpenID Connect.

Integrate enterprise and cloud applications with SSO platforms (e.g., Entra, Ping Identity, Okta).

Develop and maintain authentication and federation services for internal and external users.

Implement and support multi-factor authentication (MFA) and conditional access policies.

Identity & Access Management (IAM):

Support the integration of SSO with IAM systems, directory services (Active Directory, LDAP), and user provisioning workflows.

Ensure compliance with security policies, regulatory requirements, and industry best practices.

Troubleshoot and resolve authentication, authorization, and access issues across hybrid and cloud environments.

Work closely with application owners, security, and infrastructure teams to onboard new applications and services to SSO.

Maintain comprehensive documentation of SSO configurations, integrations, and procedures.

Provide technical support and guidance to end-users and IT teams regarding SSO and authentication issues.

Monitor SSO system performance, logs, and alerts to ensure reliability and security.

Participate in audits, risk assessments, and incident response related to authentication and access.

Stay current with evolving SSO, IAM, and security technologies and recommend improvements.

Technical Leadership (Senior Level):

Mentor junior engineers and lead SSO-related projects or initiatives.

Drive adoption of secure authentication practices and contribute to IAM strategy.

Qualifications & Skills
Experience:

Engineer: 2–5 years relevant experience.

Senior: 5+ years with demonstrated technical and/or team leadership.

Skills:

Strong knowledge of SSO protocols (SAML, OAuth, OpenID Connect) and platforms (Azure AD, Ping Identity, Okta, etc.).

Experience with directory services (Active Directory, LDAP), MFA, and conditional access.

Scripting and automation skills (e.g., PowerShell, Python) are a plus.

Excellent troubleshooting, documentation, and communication skills.

(Senior Level) Ability to lead, mentor, and manage technical teams.

Preferred Certifications:

Relevant certifications (e.g., Microsoft, Okta, CISSP, security or IAM-related) are a plus.

Be careful - Don’t provide your bank or credit card details when applying for jobs. Don't transfer any money or complete suspicious online surveys. If you see something suspicious, report this job ad.