DevOps Engineer (Azure AD B2C)

Tremend is looking for a DevOps Engineer to join our team of bright thinkers and doers. You’ll use your problem solving creativity to figure out our clients’ most complex and challenging problems across different industries. We are on a mission to transform the world, and you will be instrumental in shaping how we do it with your ideas, thoughts, and solutions. 

Objective

Design and implement a custom policy flow in Azure AD B2C for a client-facing portal that supports multi-tenant trust, secure user lifecycle management, and modern authentication capabilities.

Responsibilities

• Custom Policy (IEF) Design & Development

• Develop and configure Identity Experience Framework (IEF)–based custom policies for:

• User Registration (Sign-up) with claims enrichment (profile, tenant info, etc.)

• User Login (Sign-in) flows supporting both local and federated identities

• Password Reset and Account Recovery journeys

• Multi-Factor Authentication (MFA) integration (email/SMS/authenticator app)

• Ensure seamless UX alignment with the client portal (integrate custom UI templates, branding, and localized strings).

• Application & Tenant Configuration

• Register multiple applications (client portal, admin app, APIs) in B2C with appropriate permissions and redirect URIs.

• Configure multi-tenant trust, enabling users from multiple Azure AD tenants to authenticate via the same B2C instance.

• Establish federation and trust relationships between B2C and external Azure AD directories using custom OpenID Connect / SAML IDPs.

• Implement claims transformation logic to normalize identities from different tenants into a unified claims schema.

Security & Compliance

• Define secure token lifetimes, refresh policies, and appropriate token signing/encryption keys.

• Enforce modern security best practices (PKCE, HTTPS redirects, no implicit flow).

• Integrate conditional access and MFA enforcement where applicable.

Testing & Validation

• Validate full end-to-end policy flow across environments (DEV, UAT, PROD).

• Document policy XML structure, extensions, and trust framework dependencies.

Knowledge Transfer

• Provide detailed technical documentation, deployment scripts, and handover session to internal IT/admin team.

• Guide on ongoing maintenance, scaling, and future policy customization.

Qualifications

• Deep hands-on experience with Azure AD B2C Custom Policies (IEF) — authoring TrustFrameworkBase.xml, Extensions.xml, and RelyingParty.xml.

• Understanding of OAuth 2.0, OpenID Connect, SAML, and JWT claims mapping.

• Proven experience integrating multi-tenant Azure AD trusts and custom RESTful claims providers.

• Experience integrating custom HTML/CSS templates for B2C user journeys.

• Familiarity with API registration, service principal management, and App Roles / Delegated permissions.

Besides an exciting job in a tremendous team, here s what you can expect:

• A fast-paced tech environment
• Continuous growth & learning
• Open feedback culture
• Room for own initiative & ideas
• Transparency about results & strategy
• Recognition & reward for hard work
• Working with a flexible schedule 
• Medical subscription
• Meal tickets
• Extra vacation days - starting with 25 vacation days
• Many others perks 

Tremend is the newest global software engineering hub for Publicis Sapient. For over 20 years, the company has been infusing its advanced technical expertise into complex and innovative solutions that meet today s digital transformation needs and pave the way for a better and smarter future. By joining forces with Publicis Sapient we re accelerating the impact, providing a good mix of talented engineers, technology, continuous improvement, innovation, and R&D. Here, you ll have the opportunity to unleash your potential, powering up advanced software solutions for some of the world s most iconic brands. Embrace your passion for technology, creativity, and continuous improvement, and join us in making a difference through engineering.