Key skills
IAMEntra IDOAuthOktaSAMLActive DirectorySSOSaaSWorkdayCommunication
About this role
Role Overview
- Administer Okta end to end, including users, groups, applications, authentication policies, sign-on rules, network zones, and Okta Workflows across the full product suite.
- Configure and support Okta authentication and access standards, including OAuth/OIDC, SAML, SCIM, Okta FastPass, Device Trust, device-bound SSO, and Device Access.
- Integrate and manage third-party SaaS applications in Okta, including SSO setup, SCIM-based provisioning and de-provisioning, group push, and role mapping.
- Own Okta's integrations with core enterprise systems, including Microsoft (Entra ID / Active Directory) and Workday as the HR system of record driving joiner, mover, and leaver events.
- Design and operate the joiner/mover/leaver lifecycle, ensuring timely, accurate, and auditable provisioning and de-provisioning across all in-scope applications.
- Ensure application integrations meet security best practices, including least-privilege access, MFA enforcement, strong authentication policies, and well-structured group and role design.
- Partner with the Security team to design and implement Okta and application-level security controls, policies, and risk-based / adaptive access rules.
- Support audit, compliance, and access certification activities (e.g., SOX, SOC 2) with reporting, evidence collection, and periodic access reviews.
- Build and maintain Okta Workflows and other automations to streamline identity processes such as onboarding, offboarding, group membership, and access reviews.
- Provide tier 2 and tier 3 support for IAM-related issues, including triage, root-cause analysis, and remediation, and serve as the escalation point for the helpdesk.
- Document configurations, runbooks, and processes to support team continuity, onboarding, and audit readiness.
Requirements
- 5+ years of experience in an Identity and Access Management, IT security, or systems engineering role.
- Hands-on experience administering Okta in production across the full product suite, including users, groups, applications, authentication policies, and Okta Workflows.
- Deep working knowledge of identity standards and Okta features, including OAuth/OIDC, SAML, SCIM, Okta FastPass, Device Trust, device-bound SSO, and Device Access.
- Proven experience integrating third-party SaaS applications with Okta, including SSO and SCIM provisioning.
- Experience integrating Okta with Microsoft (Entra ID / Active Directory).
- Experience integrating Okta with Workday as the HR system of record driving lifecycle events.
- Experience designing and operating joiner/mover/leaver lifecycle processes at scale.
- Experience partnering with Security teams to implement IAM controls, policies, and best practices for application integrations and access design.
- Experience providing tier 2 and tier 3 end-user support for identity-related issues.
- Strong problem-solving and troubleshooting skills, with a structured, root-cause-driven approach.
- Strong written and verbal communication skills, with the ability to work directly with business, IT, and security stakeholders.
Benefits
- Performance-driven compensation
- Comprehensive, flexible health benefits
- Financial wellbeing & long-term support
- Time to recharge
- Support for families
- Holistic wellbeing support
- Flexibility in how you work and live
- Daily perks that make work better
- An exceptional NYC office experience
- High-impact work at a category-defining moment