Cybersecurity Engineer - Application Federation

We are seeking a skilled Cybersecurity Engineer with expertise in Microsoft Entra (Azure AD) and Identity and Access Management (IAM) to design, implement, manage, Enterprise Applications and App Registrations. This role is responsible for securing user, workload, and application access while enabling business productivity through modern, zero-trust identity controls.

The ideal candidate has hands-on experience with Application Federation, SaaS, SAML, OIDC, Microsoft Entra Enterprise Applications/App Registrations, and is comfortable troubleshooting complex authentication and access issues in enterprise environments.

***For this opportunity: Truist will not sponsor an applicant for work visa status or employment authorization, nor will we offer any immigration-related support for this position (including, but not limited to H-1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN-1 or TN-2, E-3, O-1, or future sponsorship for U.S. lawful permanent residence status.)***

Essential Duties and Responsibilities

Following is a summary of the essential functions for this job.  Other duties may be performed, both major and minor, which are not mentioned below.  Specific activities may change from time to time.

Application Federation (SaaS)

· Design, implement and manage Microsoft Entra Enterprise Applications (SAML, OIDC)

· Be familiar with ticketing systems such as Service Now

· Have a customer service approach to helping application teams thru the process

Identity & Access Management (IAM)

· Manage and secure identities, roles, and access for users, groups, and applications

· Secure access to cloud and enterprise applications (SAML, OIDC, OAuth)

· Support identity lifecycle processes including onboarding, role changes, and offboarding

Automation & Engineering

· Automate Enterprise Applications using PowerShell and Microsoft Graph API

· Build repeatable, scalable identity security solutions and policy templates

· Implement monitoring, alerting, and reporting for authentication and access events

Troubleshooting & Operations

· Partner with IT, cloud, and application teams to resolve access issues without weakening security

· Perform root-cause analysis on access-related incidents and security events

Governance, Compliance & Documentation

· Ensure application federation configurations align with organizational security standards and compliance requirements (e.g., NIST, ISO, SOC, CMMC, etc.)

· Participate in security assessments and continuous improvement initiatives

Additional Responsibilities

· Analyze information to determine, recommend, and plan the use of new information security technologies, or modifications to existing equipment and systems that will provide capability for proposed project or workload, efficient operation and effective use of allotted resources

· Assist the implementation of new information security technologies or integration of existing technologies including initial configuration, installation, change management, and operational handoff for SaaS applications

· Responsible for technical support of SaaS technologies providing expert problem analysis and resolution in a timely manner

Qualifications

Required Qualifications

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

· Bachelor’s degree and five years of experience in systems engineering or administration or an equivalent combination of education and work experience

· In-depth knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security

· Previous experience in planning and managing IT projects

Preferred Qualifications

· Master’s degree or MBA and eight years of experience or an equivalent combination of education and work experience.

· Direct experience with Application Federation, SaaS, SAML, OIDC, Microsoft Entra Enterprise Applications/App Registrations

· Strong communications skills and ability to drive work to completion

· Strong hands-on experience with Microsoft Entra ID (Azure AD)

· Solid understanding of Identity and Access Management concepts and best practices

· Experience with MFA, SSO, RBAC, PIM, and identity lifecycle management

· Proficiency with PowerShell and/or Microsoft Graph API for automation

· Strong troubleshooting skills across authentication, authorization, and access flows

· Banking or financial services experience

This position will onsite, office-centric (5 days a week), based in a Truist core location:

North Carolina: Charlotte/Raleigh/Wilson/Greensboro

Georgia: Atlanta

Virginia: Richmond

Other Job Requirements / Working Conditions

Sitting

Constantly (More than 50% of the time)

Visual / Audio / Speaking

Able to access and interpret client information received from the computer and able to hear and speak with individuals in person and on the phone.

Manual Dexterity / Keyboarding

Able to work standard office equipment, including PC keyboard and mouse, copy/fax machines, and printers.

Availability

Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need.

Travel

Minimal and up to 10%

General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace.