Okta Engineer

Role Summary

A successful candidate will bring deep IAM Solution expertise, strong business acumen and judgment. Utilizing your experience with Okta Workforce Identity Cloud (WIC), Okta Identity Engine (OIE)you will work under the direction of a Principal Architect to configure, test, and promote tenant integrations, configurations, workflows, and policies. You must have experience and understanding of modern protocols in use for complex authorization flows beyond simple SSO. Exposure may span to the Okta Customer Identity Cloud (CIC) a.k.a. Auth0, so skills in this platform are a plus.

In addition to having strong technical skills, you must be comfortable in effectively communicating with technical IT teams, security professionals, and application owners, while being sensitive to diverse cultural and technical backgrounds in a global business environment.

Essential Functions

Convey knowledge and experience with information security, authorization and authentication systems, infrastructure, and implementation techniques.

Configure IAM solution cloud/SaaS tenants in multiple environments (dev, test, QA, prod, etc.) to meet requirements and design specifications for data residency, performance, security, and functionality. (Okta WIC).

In partnership with other Converge and Client team stakeholders based upon approved requirements and design aspects:

Perform hands-on integration of HR/Employee identity data into IAM systems.

Perform hands-on integration of Contractor/Non-Employee identity data into IAM systems.

Perform hands-on integration of AD domains, Azure AD, and Other key identity stores.

Perform hands-on development of lifecycle workflows, authorization services, and other key Okta integration requirements.

Support application teams and provide hands on integration support to connect applications to IAM connectors, workflows, and protocol integrations.

Analyze server side and client logs to debug issues with IAM.

Advise client stakeholders between infrastructure, application, and threat monitoring teams to ensure the timely and successful delivery of solutions.

Maintain accurate documentation for proper transition of work to client stakeholders including operations and end users.

Required Skills/Abilities/Competencies

Ethical and Critical Thinking

Demonstrable experience with working with applications to adopt IAM solutions leveraging IAM platforms, Okta WIC, Okta CIC / Auth0.

Demonstrable knowledge of other IAM products in the market

Knowledge of tenant, geographical, network, rate limiting, and other design challenges presented through the adoption of cloud delivered IAM.

Capable of adapting to new IAM technologies, explore, and explain them to others even if not a hands on expert.

Demonstratable, excellent technical writing skills

Excellent interpersonal and customer service skills.

Excellent time management skills with a proven ability to meet deadlines.

Strong analytical, troubleshooting, and problem-solving skills.

Ability to function well in a high-paced and at times stressful environment.

Proficient with Microsoft Office Suite or related software.

Education And Experience

5-10 years of experience in IAM, RBAC, User Access Provisioning/Termination, Access Certification, Federation, Authentication, SSO, and similar technologies.

Demonstrable experience with working with applications to adopt IAM solutions leveraging IAM platforms, Okta WIC, Okta CIC / Auth0, SailPoint IDNOW preferred.

Strong hands-on experience with industry standard provisioning and SSO technologies and protocols (SCIM, SAML/JIT, OAUTH2, FIDO2 WebAuthN, and OpenID Connect (OIDC)).

Experience in extending or integrating on premises AD with Azure based AD.

Experience in large-scale, global projects and programs.

Familiarity with IT security and risk management practices.

Bachelor’s Degree in Computer Science, Engineering, Network Security or related field or equivalent experience.

Required

Okta Certification

Desired

Security Certifications (CISSP, Security+, CCSK)

Other vendor product certifications (Ping Identity, OneIdentity, Microsoft, etc.)

--