Senior Okta Implementation Engineer

Senior Okta Implementation Engineer

3+ Months

Remote

Required Qualifications

• 7+ years of experience in IAM, identity engineering, or access management roles.
• At least 3 years of hands-on Okta implementation and administration experience.
• Proven experience onboarding applications into enterprise identity platforms and supporting identity modernization or migration programs.
• Experience within federal agencies or supporting federal contractors.
• Familiarity with NIST 800-53 and NIST 800-63B compliance requirements.
• Experience with role mapping, entitlement alignment, user lifecycle design, and identity governance concepts.
• Exposure to identity governance tools such as SailPoint.
• Okta certifications such as Okta Certified Professional, Administrator, Consultant, or Architect.

Position Summary

We are seeking a highly experienced Senior Okta Implementation Engineer / Technical Administrator to support a high-priority identity modernization initiative involving the migration and integration of approximately 28 legacy applications into a centralized identity platform within a federal / regulated environment. This role is responsible for the hands-on configuration, administration, migration, and optimization of the Okta ecosystem, with a strong emphasis on application onboarding, authentication policy enforcement, identity lifecycle automation, and technical troubleshooting.

The ideal candidate brings deep, practical Okta expertise and can work closely with architecture, IAM, infrastructure, security, and application teams to stand up scalable identity patterns quickly and correctly. Unlike an architect who defines what is being built, this role is accountable for how Okta is configured and operated, ensuring every policy, workflow, attribute map, and integration aligns with enterprise and federal security requirements.

Key Responsibilities

• Configure and administer Okta to support centralized identity and access management for multiple legacy and modern applications.
• Execute the technical migration and cutover of legacy applications into Okta, including onboarding, federation, user assignments, groups, claims, and role mapping.
• Configure, test, and troubleshoot SAML 2.0, OIDC, OAuth 2.0, and header-based authentication patterns for approved application integrations.
• Support legacy application modernization, including migration away from AD FS, CA SiteMinder, Oracle IAM, or other on-premises identity providers.
• Deploy and support MFA implementation, sign-on policies, enrollment policies, password policies, and access controls within the Okta ecosystem.
• Build and maintain Okta configurations aligned to approved target-state IAM patterns and federal security mandates, including NIST 800-63B and applicable NIST 800-53 controls.
• Manage the day-to-day health of Okta Lifecycle Management (LCM), including attribute mapping from Active Directory, LDAP, and HRIS sources and validation of automated provisioning/deprovisioning logic.
• Develop and maintain Okta Workflows to support complex joiner/mover/leaver scenarios and other automation needs not addressed through standard lifecycle configuration.
• Support user, group, role, claims, and entitlement alignment across applications and enterprise IAM requirements.
• Manage and troubleshoot Okta AD Agents and IWA Agents, ensuring synchronization health and high availability across multiple domains and forests.
• Support and troubleshoot Okta Access Gateway (OAG) for legacy applications that cannot natively support SAML or OIDC.
• Perform deep technical troubleshooting across authentication flows, claims transformation, session handling, API integrations, access policies, and federation issues.
• Serve as a Tier 3 escalation point for identity-related incidents, including Syslog review, audit analysis, and API-based troubleshooting using tools such as Postman.
• Implement, manage, and troubleshoot integration of Okta events into the enterprise SIEM platform.
• Partner with application, IAM, security, and architecture teams to resolve onboarding, authentication, and authorization issues in a compressed delivery timeline.
• Contribute to implementation documentation, configuration standards, technical runbooks, and knowledge transfer to client teams.
• Help maintain tenant hygiene, including remediation of orphaned accounts, stale groups, and expired API tokens.

Technical Requirements

• Deep hands-on experience administering Okta in the Okta Admin Console, including sandbox testing and production-ready configuration.
• Strong experience implementing and troubleshooting OIDC, OAuth 2.0, SAML 2.0, and application federation patterns.
• Hands-on experience integrating and migrating legacy applications into Okta from legacy identity platforms such as AD FS, CA SiteMinder, or Oracle IAM.
• Experience configuring Okta groups, claims, app integrations, policies, MFA, lifecycle processes, and workflows.
• Experience with Okta Access Gateway (OAG) for header-based or other legacy application integration use cases.
• Familiarity with Active Directory, LDAP, HRIS integrations, and identity data mapping.
• Proficiency using Postman to interact with Okta APIs and PowerShell and/or Python for bulk user/group management, automation, and reporting.
• Experience supporting integration of Okta logs/events into a SIEM.
• Familiarity with Terraform or other Infrastructure as Code approaches for Okta configuration management is a plus.
• Strong troubleshooting skills across identity, authentication, and access-related issues in fast-paced delivery environments.