External Identity Support Analyst (Cardiff)
Role details
Job location
Tech stack
Job description
The External Identity Support Analyst provides advanced (3rd-line) technical support and expertise for external identity platforms and customer identity solutions. The role is essential to ensuring stable, secure, and high-performing identity services across our Managed Solution Support portfolio., * Provide 3rd-line remote technical support for customer identity and access solutions within Managed Solution Support, focusing on external identity technologies (Entra ID, Entra External ID, Azure AD B2C, federation, SSO).
- Maintain and improve the Configuration Management Database (CMDB) for supported services.
- Support smooth transition of clients and projects into Managed Solution Support.
- Contribute to the development and enhancement of Kocho's identity service offerings.
- Operate as a subject matter expert, offering expert advice and solutions to complex or bespoke identity challenges.
- Influence clients to adopt best-practice approaches for secure and scalable identity management.
- Act as an advocate for clients when working with internal teams and Senior Management.
- Maintain clear and accurate documentation, troubleshooting guides, and operational procedures.
Requirements
Do you have experience in Technical support?, * Strong troubleshooting abilities for complex and bespoke identity-integrated applications.
- Ability to read and modify code in .NET and C#.
- Experience with SQL and database management tools.
- Solid working knowledge of PowerShell for automation and diagnostics.
- Experience supporting enterprise-scale environments.
- Understanding of federation and identity protocols:
- SAML 2.0
- OAuth 2.0
- OpenID Connect
- Token flows, claims, sessions
- Experience in operational support roles within business environments.
- Ability to work effectively in virtual, collaborative, and team-based settings.
- Excellent communication skills with the ability to explain technical issues clearly to both technical and non-technical audiences.
- Strong analytical and problem-solving ability.
- Demonstrated learning agility and a willingness to adopt new identity technologies.
- Understanding of security principles including least privilege, secure design, and common vulnerabilities.
- Familiarity with:
- Authorization concepts (roles, permissions, app registrations, service principals)
- User and group lifecycle management (creation, modification, deletion, dynamic groups)
- Knowledge of Conditional Access (CA) and Multi-Factor Authentication (MFA).
Additional Beneficial Skills & Experience (Desirable)
- Experience with operation and support of:
- Azure AD B2C / Entra External ID
- Microsoft Entra ID (formerly Azure AD)
- Azure DevOps
- Relevant Microsoft certifications such as:
- SC-300 (Identity & Access Administrator)
- SC-900 / AZ-900 fundamentals
- Experience with Customer Identity & Access Management (CIAM) solutions or external identity lifecycle management.
- Familiarity with API debugging and tooling (e.g., Fiddler, Postman, browser developer tools).
- Knowledge of identity governance processes (access reviews, entitlement management, automated provisioning).
- Experience with logging and monitoring tools such as Application Insights, Azure Monitor, Log Analytics.
- Understanding of Zero Trust architecture and its application to external identity.
- Experience participating in incident management, including P1/P2 handling, root cause analysis, and post-incident reviews.