Security Engineer II – IAM, SaaS Governance

This is a fully remote position, open to applicants in Argentina.

📋 Description

• Serve as the lead engineer for Okta, overseeing sophisticated configurations such as custom authorization servers, adaptive MFA, and conditional access policies.

• Create and manage automated joiner-mover-leaver (JML) workflows through Okta Workflows, SCIM, or bespoke API scripts to reduce manual provisioning inaccuracies.

• Standardize and execute SSO integrations using SAML 2.0, OIDC, and OAuth 2.0, ensuring secure token exchanges and proper scoping.

• Design, audit, and enhance Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) models across all enterprise SaaS platforms.

• Monitor and address unauthorized data sharing, public file exposures, and "shadow IT" API integrations within our SaaS ecosystem.

• Conduct quarterly user access reviews (UARs) and offer evidentiary support for security frameworks such as SOC 2 Type II, ISO 27001, and GDPR.

• Utilize SSPM tools or inherent security centers to continuously audit and strengthen SaaS application configurations.

• Analyze Okta System Logs and SaaS audit logs to identify anomalous activities (e.g., impossible travel, credential stuffing, unauthorized data exfiltration).

• Work alongside the SOC team to ensure essential IAM and SaaS logs are accurately ingested into our SIEM for real-time alerts.

⛳️ Requirements

• 3–5 years of specialized experience in a Security Engineering, IAM, or Systems Engineering role with a robust security emphasis.

• Solid engineering-level expertise in Okta (Okta Certified Administrator or Certified Consultant preferred).

• Demonstrated success in implementing data governance principles, data loss prevention (DLP), and zero-trust access models.

• Comprehensive understanding of networking and identity protocols: TCP/IP, HTTP, SAML, OAuth, OIDC, and SCIM.

• Proficient in Python, PowerShell, or Bash to interact with REST APIs for custom security tools and automation.

• Experience in querying logs (Splunk, ELK, SQL, or cloud-native SIEMs) to investigate identity-related security incidents.

🏝️ Benefits

• Shape real-world AI-driven projects across key industries, collaborating with clients from startup innovation to enterprise transformation.

• Be part of a global team that offers equal opportunities for collaboration across continents and cultures.

• Thrive in an inclusive environment that emphasizes continuous learning, innovation, and ethical AI standards.