Overview
Remote
Depends on Experience
Contract - W2
Contract - Independent
Contract - 6 Month(s)
Skills
Multi-factor Authentication
Identity Management
Inventory
Inventory Management
Laptop
Endpoint Protection
Help Desk
ISO/IEC 27001:2005
IT Security
Lifecycle Management
API
Authentication
Authorization
Mobile Device Management
OS X
Collaboration
Communication
Evaluation
Management
Master Data Management
Risk Management
SSO
SaaS
Scripting
System On A Chip
Onboarding
Orchestration
Pick
Provisioning
Regulatory Compliance
SAML
Workflow
Job Details
Job Title:- Senior Security Engineer (IAM/OKTA)
Location:- Remote (New York City)
Duration:- 3 months (for now - could extend depending on length of time to hire FT)
Working Hours:- 20-30 hours/hour - can increase/be flexible
Job Description
Core Experience and Skills
Proven experience deploying Okta Verify, FastPass, and multifactor authentication across corporate laptops, enabling seamless single sign on for SaaS applications.
Handson administration of MDM solutions (Rippling preferred) with device onboarding, inventory management, and enforcement of baseline security policies.
Strong scripting and automation skills (e.g.Okta Workflows) to integrate identity providers, directories, and SaaS applications.
Experience with directory hygiene and governance, including group and role cleanup, lifecycle management, and access reviews across Okta and SaaS apps.
Excellent communication and collaboration skills to work effectively with IT, security, and business stakeholders.
Proven experience deploying Okta Verify, FastPass, and multifactor authentication across corporate laptops, enabling seamless single sign on for SaaS applications.
Handson administration of MDM solutions (Rippling preferred) with device onboarding, inventory management, and enforcement of baseline security policies.
Strong scripting and automation skills (e.g.Okta Workflows) to integrate identity providers, directories, and SaaS applications.
Experience with directory hygiene and governance, including group and role cleanup, lifecycle management, and access reviews across Okta and SaaS apps.
Excellent communication and collaboration skills to work effectively with IT, security, and business stakeholders.
Core Competencies
Identity & Access Management Architecture: designing and implementing authentication and authorization frameworks, including Okta or similar identity providers, MFA, SSO, and least privilege principles.
Device & Endpoint Security: expertise in managing device inventory and enforcing security baselines via MDM solutions (e.g., Jamf, Intune) across macOS and other devices.
SaaS Security Posture Management: evaluation and configuration of SaaS applications to align with security best practices, including secure configuration, SAML/SCIM integration, and vendor risk management.
Automation & Orchestration: designing automated provisioning and deprovisioning workflows for employees, using scripting and API integration for identity and SaaS services.
Compliance & Security Standards: knowledge of frameworks such as SOC 2 and ISO 27001 and the ability to implement controls and metrics to meet compliance requirements.
Identity & Access Management Architecture: designing and implementing authentication and authorization frameworks, including Okta or similar identity providers, MFA, SSO, and least privilege principles.
Device & Endpoint Security: expertise in managing device inventory and enforcing security baselines via MDM solutions (e.g., Jamf, Intune) across macOS and other devices.
SaaS Security Posture Management: evaluation and configuration of SaaS applications to align with security best practices, including secure configuration, SAML/SCIM integration, and vendor risk management.
Automation & Orchestration: designing automated provisioning and deprovisioning workflows for employees, using scripting and API integration for identity and SaaS services.
Compliance & Security Standards: knowledge of frameworks such as SOC 2 and ISO 27001 and the ability to implement controls and metrics to meet compliance requirements.
Scope (projects to deliver)
Device posture: MDM device inventory accuracy cleanup; ensure laptops meet baseline policies.
Authentication foundation: Okta Verify/FastPass rollout; multi-factor authentication (MFA) on laptops.
Centralized access: Put critical applications behind Okta with MFA; unify sign-on.
Lifecycle automation: Automate off-boarding; implement role-based access; enable self-service access requests.
Directory hygiene: Okta group, identity, and access cleanup (correct teams, roles, and mappings).
Device posture: MDM device inventory accuracy cleanup; ensure laptops meet baseline policies.
Authentication foundation: Okta Verify/FastPass rollout; multi-factor authentication (MFA) on laptops.
Centralized access: Put critical applications behind Okta with MFA; unify sign-on.
Lifecycle automation: Automate off-boarding; implement role-based access; enable self-service access requests.
Directory hygiene: Okta group, identity, and access cleanup (correct teams, roles, and mappings).
60 90 Day Success Metrics
Inventory accuracy: 95% of active laptops present and compliant in MDM; zero unknown owner devices.
Strong laptop auth: 90% of active users enrolled in Okta Verify/FastPass; laptops require MFA at sign-in; less than 2 laptop MFA helpdesk issues per month.
Critical apps behind Okta: 12 business-critical apps use Okta with MFA; deactivation removes access within hours.
Faster access flow: Self-service access requests live for top 50% most used apps; 80% of access changes completed same business day
Correct access by role: Group and role mappings updated; monthly spot-check shows <5% overprovisioned access.
Inventory accuracy: 95% of active laptops present and compliant in MDM; zero unknown owner devices.
Strong laptop auth: 90% of active users enrolled in Okta Verify/FastPass; laptops require MFA at sign-in; less than 2 laptop MFA helpdesk issues per month.
Critical apps behind Okta: 12 business-critical apps use Okta with MFA; deactivation removes access within hours.
Faster access flow: Self-service access requests live for top 50% most used apps; 80% of access changes completed same business day
Correct access by role: Group and role mappings updated; monthly spot-check shows <5% overprovisioned access.
Sample Work Plan
Week 1: Baseline MDM and Okta; confirm critical app list; pick pilot groups; draft rollout plan and comms.
Week 2: Ship Okta Verify/FastPass pilot; fix MDM ownership gaps; draft self- service access request flow.
Week 3: Enforce laptop MFA for pilot; move first 3 5 apps behind Okta; automate off-boarding for core systems.
Week 4 6: Expand to remaining critical apps; finalize role-based access; complete Okta group and identity cleanup; turn on self-service; measure and harden.
Week 1: Baseline MDM and Okta; confirm critical app list; pick pilot groups; draft rollout plan and comms.
Week 2: Ship Okta Verify/FastPass pilot; fix MDM ownership gaps; draft self- service access request flow.
Week 3: Enforce laptop MFA for pilot; move first 3 5 apps behind Okta; automate off-boarding for core systems.
Week 4 6: Expand to remaining critical apps; finalize role-based access; complete Okta group and identity cleanup; turn on self-service; measure and harden.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.