Kocho recognise that technology on its own does not deliver change and offers technology adoption services alongside excellent technical consulting to enable our clients to achieve their business goals on their journey to Become Greater.
Our head office is in the heart of London’s West End and provides a comfortable working environment with flexible collaboration spaces that encourage our people to Become Greater with the aim to Do What’s Right. We now have offices in Cardiff and Cape Town which follow the style of our London space.
Kocho is an equal opportunities employer. We make recruitment decisions based on qualifications, skill set and experiences. We consider all suitable candidates regardless of their age, sex, gender reassignment, race, religious beliefs, or lack thereof, marital status, disability or sexual orientation or any other protected characteristic. This is mindset aligns with our company values as we understand that we are Better Together.
Role Overview
The External Identity Support Analyst provides advanced (3rd‑line) technical support and expertise for external identity platforms and customer identity solutions. The role is essential to ensuring stable, secure, and high‑performing identity services across our Managed Solution Support portfolio.
Key Responsibilities
* Provide 3rd‑line remote technical support for customer identity and access solutions within Managed Solution Support, focusing on external identity technologies (Entra ID, Entra External ID, Azure AD B2C, federation, SSO).
* Maintain and improve the Configuration Management Database (CMDB) for supported services.
* Support smooth transition of clients and projects into Managed Solution Support.
* Contribute to the development and enhancement of Kocho’s identity service offerings.
* Operate as a subject matter expert, offering expert advice and solutions to complex or bespoke identity challenges.
* Influence clients to adopt best‑practice approaches for secure and scalable identity management.
* Act as an advocate for clients when working with internal teams and Senior Management.
* Maintain clear and accurate documentation, troubleshooting guides, and operational procedures.
* Strong troubleshooting abilities for complex and bespoke identity-integrated applications.
* Ability to read and modify code in .NET and C#.
* Experience with SQL and database management tools.
* Solid working knowledge of PowerShell for automation and diagnostics.
* Experience supporting enterprise-scale environments.
* Understanding of federation and identity protocols:
* SAML 2.0
* OAuth 2.0
* OpenID Connect
* Token flows, claims, sessions
* Experience in operational support roles within business environments.
* Ability to work effectively in virtual, collaborative, and team-based settings.
* Excellent communication skills with the ability to explain technical issues clearly to both technical and non‑technical audiences.
* Strong analytical and problem‑solving ability.
* Demonstrated learning agility and a willingness to adopt new identity technologies.
* Understanding of security principles including least privilege, secure design, and common vulnerabilities.
* Familiarity with:
* Authorization concepts (roles, permissions, app registrations, service principals)
* User and group lifecycle management (creation, modification, deletion, dynamic groups)
* Knowledge of Conditional Access (CA) and Multi‑Factor Authentication (MFA).
Additional Beneficial Skills & Experience (Desirable)
* Experience with operation and support of:
* Relevant Microsoft certifications such as:
* SC‑300 (Identity & Access Administrator)
* Experience with Customer Identity & Access Management (CIAM) solutions or external identity lifecycle management.
* Knowledge of identity governance processes (access reviews, entitlement management, automated provisioning).
* Experience with logging and monitoring tools such as Application Insights, Azure Monitor, Log Analytics.
* Understanding of Zero Trust architecture and its application to external identity.
* Experience participating in incident management, including P1/P2 handling, root cause analysis, and post‑incident reviews.
#J-18808-Ljbffr