2026-0098 MFA Internet Portals POC (NS) REMOTE - 9 Jul

Park Lane Recruitment
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
€ 66K

Job location

Tech stack

API
Software System Penetration Testing
User Authentication
Authentication Protocols
Cloud Computing
Multi-Factor Authentication
Federated Identity Management
Design of User Interfaces
Identity and Access Management
Web Portals
Moodle
OpenID
Zero Trust Network Access
Runbook
Security Assertion Markup Language (SAML)
Screenshots
Web Application Security
Information Technology Security Auditing
SharePoint
Single Sign-On
Smart Cards
Strategies of Testing
Web Applications
Data Logging
Okta
Test Scripts

Job description

Due to the findings in the Type 4 Security Audit NATO, technical teams have been tasked with planning and implementing a security standardisation for Multi-Factor Authentication for internet facing web-portals throughout the NATO enterprise.

Scope:

  • Build a Proof of Concept (POC) environment based on a single Entra ID Identity Provider to a number of MFA technologies as MFA brokers.
  • Test and document POC applications against a set test criterion.
  • Build and test security logging with the security department.
  • Document Service delivery requirements and support documentation.
  • Work with Quality teams to align test strategy and test acceptance.
  • This SOW will not exceed EUR 73,750 (Deliverables and Travel).

Constraints:

  • The identification of the most fit-for-purpose solution is to be validated, confirmed and accredited.
  • The solution is to align with other ongoing NCIA efforts, including but not limited to: IT Modernization; NATO Cloud Programs; Protected Business Network; and NATO and NCIA Directives.
  • The solution is developed in close coordination with NCSC, NCIA and its technical staff. Coordination meetings shall take place at intervals sufficient to ensure information sharing and technical exchange.
  • Due to the criticality and dependencies of follow-on project elements, the solution is to be completed and accepted no later than end of December 2026.

MFA Internet Facing Portals - Extract Scope

Preparation Phase and Configuration

Business Analysis; Document current production configurations; Full production configuration export; Document current production MFA configuration (if it exists); Document current self-registration, onboarding and user lifecycle process; Screenshot and document current login and logout UI/UX; Inventory all application interfaces; User account audit and mapping; CIS Description; Test strategy; Test scripts created by principal users; Security Pen Testing; Dependency Map; Target Architecture; Training Materials; Runbooks.

Execution Phase: POC Build and Technology Pillar Integration

Requirements

  • Minimum 5 years of experience in Identity and Access Management.
  • Strong knowledge of authentication protocols (SAML, OIDC).
  • Sound knowledge of federated identity management and Single Sign-On (SSO) solutions (Okta, Entra ID, and similar).

Multi-Factor Authentication:

  • Proven experience designing and rolling out MFA at scale in an enterprise environment (5,000+ users).
  • Experience with certificate-based MFA smart cards, YubiKeys, passkeys/WebAuthn, TOTP, and push-based MFA applications (Microsoft Authenticator, Duo, and similar).
  • Understanding of risk-based or adaptive authentication strategies.

Web Security and Secure Access Architecture:

  • Experience in securing web applications and APIs.
  • Strong understanding of TLS, client certificates, reverse proxies, and Zero Trust principles.
  • Experience with SSO integration of web applications.
  • Recent experience configuring MFA technologies on the following platforms (Technology Pillars) as brokers: Moodle; SharePoint; Keycloak; Cognito.
  • Demonstrated recent experience configuring Entra ID as an MFA Provider to the above MFA brokers.
  • Ability to produce high-standard documentation for testing and service delivery.

Communication and Interpersonal Skills:

  • Excellent verbal and written communication skills.
  • Full proficiency in English.
  • Ability to communicate technical information to non-technical users in a clear and concise manner.

Customer Service Orientation:

  • Strong customer service focus with a commitment to user satisfaction.
  • Patience and empathy when dealing with user issues and concerns.

Organisational Skills:

  • Attention to detail in documenting support activities and maintaining accurate records.

Team Collaboration:

  • Ability to work effectively as part of a team and share knowledge and resources.
  • Willingness to collaborate with colleagues to solve complex issues.

Other Requirements:

  • Strong customer relationship skills, including negotiating complex and sensitive situations under pressure.
  • Must hold the nationality of one of the NATO member nations.

Apply for this position