Senior IAM Engineer

This is a fully remote position, open to applicants in India.

📋 Description

• Manage Okta from start to finish, overseeing users, groups, applications, authentication policies, sign-on rules, network zones, and Okta Workflows throughout the entire product suite.

• Set up and maintain Okta authentication and access protocols, including OAuth/OIDC, SAML, SCIM, Okta FastPass, Device Trust, device-bound SSO, and Device Access.

• Integrate and oversee third-party SaaS applications within Okta, involving SSO configuration, SCIM-based provisioning and de-provisioning, group pushes, and role mappings.

• Take ownership of Okta's integrations with essential enterprise systems, such as Microsoft (Entra ID / Active Directory) and Workday, which serve as the HR system of record to facilitate joiner, mover, and leaver processes.

• Design and manage the joiner/mover/leaver lifecycle, ensuring efficient, accurate, and auditable provisioning and de-provisioning across all relevant applications.

• Verify that application integrations adhere to security best practices, including least-privilege access, MFA enforcement, stringent authentication policies, and organized group and role structures.

• Collaborate with the Security team to create and implement Okta and application-level security measures, policies, and adaptive access rules based on risk assessment.

• Assist with audit, compliance, and access certification initiatives (e.g., SOX, SOC 2) through reporting, evidence gathering, and regular access reviews.

• Develop and sustain Okta Workflows and other automation tools to enhance identity processes such as onboarding, offboarding, group membership, and access reviews.

• Provide tier 2 and tier 3 support for IAM-related inquiries, including triage, root-cause analysis, and solutions, while acting as the escalation point for the helpdesk.

• Document configurations, runbooks, and procedures to ensure team continuity, onboarding efficiency, and audit preparedness.

⛳️ Requirements

• Over 5 years of experience in Identity and Access Management, IT security, or systems engineering roles.

• Practical experience managing Okta in a production environment across the complete product suite, including users, groups, applications, authentication policies, and Okta Workflows.

• Extensive knowledge of identity standards and Okta functionalities, including OAuth/OIDC, SAML, SCIM, Okta FastPass, Device Trust, device-bound SSO, and Device Access.

• Demonstrated experience integrating third-party SaaS applications with Okta, covering SSO and SCIM provisioning.

• Familiarity with integrating Okta with Microsoft (Entra ID / Active Directory).

• Experience connecting Okta with Workday as the HR system of record responsible for lifecycle events.

• Proven track record in designing and managing joiner/mover/leaver lifecycle processes on a large scale.

• Experience collaborating with Security teams to enforce IAM controls, policies, and best practices for application integrations and access architecture.

• Experience delivering tier 2 and tier 3 end-user support for identity-related issues.

• Excellent problem-solving and troubleshooting capabilities, utilizing a structured, root-cause-analysis approach.

• Strong written and verbal communication skills, with the ability to engage directly with business, IT, and security stakeholders.

🏝️ Benefits

• Performance-driven compensation

• Comprehensive, flexible health benefits

• Financial wellbeing & long-term support

• Time to recharge

• Support for families

• Holistic wellbeing support

• Flexibility in how you work and live

• Daily perks that enhance the work experience

• An exceptional NYC office environment

• High-impact work during a category-defining moment