Senior Identity and Security Operations Engineer

📋 Description

• Collaborate with cross-functional teams to design, implement, and oversee our security and identity platforms.

• Develop, integrate, and sustain account- and system-provisioning solutions as we advance towards a Zero Trust architecture.

• Partner with application owners and business stakeholders to offer security subject-matter expertise and guidance on security standards and policies to safeguard customers and maintain a secure environment.

• Administer identity and security operations platforms (e.g., Okta, Active Directory, Active Directory Certificate Services (ADCS), ADFS, Azure, Intune, AWS/IAM, certificate and secrets management).

• Manage Active Directory deployments and reconstruct the ADCS environment.

• Lead and contribute to Okta projects while effectively managing permissions.

• Provide Tier 3 support for all Identity and Security Operations-related issues.

• Develop policies and procedures for identity and security systems.

• Serve as a subject-matter expert (SME) in SSO, SAML, and SCIM for application owners and business stakeholders.

• Collaborate closely with other security and infrastructure teams to proactively identify, safeguard, and defend the enterprise against cybersecurity threats and to resolve complex issues.

• Mentor and train fellow team members.

• Participate in on-call rotations as necessary.

⛳️ Requirements

• A minimum of 4 years of experience in at least three of the following areas:

• Automating cross-domain identity management (SCIM).

• Operating multi-factor authentication solutions.

• Managing integration APIs and web services (e.g., REST, SOAP, OAuth, OIDC).

• Role-based access control strategies and privileged account management.

• Risk-based authentication and conditional access.

• Conducting enterprise access reviews and recertification.

• Advanced understanding of security principles (e.g., separation of duties, least privilege).

• Expert knowledge across core IAM domains: Identity Governance and Administration, Privileged Access Management, Authentication, Authorization, Identity Lifecycle Management.

• Familiarity with Change Management and Service Desk practices.

• Understanding of Agile frameworks such as Kanban or Scrum.

• Preferred qualifications:

• Expertise in Okta Lifecycle Management and Active Directory Certificate Services (ADCS).

• Technical knowledge of PKI and API security.

• Strong experience with Zero Trust implementations.

• Demonstrated expertise in three or more IT-related fields, including cloud services, authentication, PKI, system administration, software development, networking, or security architecture.

• Advanced knowledge of security topics such as threat hunting, threat modeling, digital forensics, reverse engineering, phishing, and penetration testing.

• Strong communication skills for engaging with customers, peers, and executive leadership.

• Willingness to participate in on-call shifts.

🏝️ Benefits

• Health and dental insurance

• Meal and food allowance

• Childcare assistance

• Extended paternity leave

• Partnerships with gyms and wellness providers through Wellhub (Gympass) TotalPass

• Profit sharing and results participation (PLR)

• Life insurance

• Continuous learning platform (CI&T University)

• Employee discount program

• Free online platform dedicated to physical, mental, and overall well-being

• Pregnancy and responsible parenting course

• Partnerships with online learning platforms

• Language learning platform