External Identity Support Analyst

Role Overview

The External Identity Support Analyst provides advanced (3rd‑line) technical support and expertise for external identity platforms and customer identity solutions. The role is essential to ensuring stable, secure, and high‑performing identity services across our Managed Solution Support portfolio.

Key Responsibilities

• Provide 3rd‑line remote technical support for customer identity and access solutions within Managed Solution Support, focusing on external identity technologies (Entra ID, Entra External ID, Azure AD B2C, federation, SSO).
• Maintain and improve the Configuration Management Database (CMDB) for supported services.
• Support smooth transition of clients and projects into Managed Solution Support.
• Contribute to the development and enhancement of [Employer hidden — view at passion-project.co.uk]’s identity service offerings.
• Operate as a subject matter expert, offering expert advice and solutions to complex or bespoke identity challenges.
• Influence clients to adopt best‑practice approaches for secure and scalable identity management.
• Act as an advocate for clients when working with internal teams and Senior Management.
• Maintain clear and accurate documentation, troubleshooting guides, and operational procedures.

Essential Skills & Experience

• Strong troubleshooting abilities for complex and bespoke identity-integrated applications.
• Ability to read and modify code in .NET and C#.
• Experience with SQL and database management tools.
• Solid working knowledge of PowerShell for automation and diagnostics.
• Experience supporting enterprise-scale environments.
• Understanding of federation and identity protocols:
• SAML 2.0
• OAuth 2.0
• OpenID Connect
• Token flows, claims, sessions
• Experience in operational support roles within business environments.
• Ability to work effectively in virtual, collaborative, and team-based settings.
• Excellent communication skills with the ability to explain technical issues clearly to both technical and non‑technical audiences.
• Strong analytical and problem‑solving ability.
• Demonstrated learning agility and a willingness to adopt new identity technologies.
• Understanding of security principles including least privilege, secure design, and common vulnerabilities.
• Familiarity with:
• Authorization concepts (roles, permissions, app registrations, service principals)
• User and group lifecycle management (creation, modification, deletion, dynamic groups)
• Knowledge of Conditional Access (CA) and Multi-Factor Authentication (MFA).

Additional Beneficial Skills & Experience (Desirable)

• Experience with operation and support of:
• Azure AD B2C / Entra External ID
• Microsoft Entra ID (formerly Azure AD)
• Azure DevOps
• Relevant Microsoft certifications such as:
• SC‑300 (Identity & Access Administrator)
• SC‑900 / AZ‑900 fundamentals
• Experience with Customer Identity & Access Management (CIAM) solutions or external identity lifecycle management.
• Familiarity with API debugging and tooling (e.g., Fiddler, Postman, browser developer tools).
• Knowledge of identity governance processes (access reviews, entitlement management, automated provisioning).
• Experience with logging and monitoring tools such as Application Insights, Azure Monitor, Log Analytics.
• Understanding of Zero Trust architecture and its application to external identity.
• Experience participating in incident management, including P1/P2 handling, root cause analysis, and post-incident reviews.