Systems Architect

Overview

On Site
Up to $95
Accepts corp to corp applications
Contract - Independent
Contract - 12 Month(s)
No Travel Required

Skills

IAM
Okta
configuration
Access Control
RBAC
governance
JIT
step-up
SAML
OAuth 2.0
OIDC
LDAP
API

Job Details

KLC Consulting, Inc.

Requirement for: Systems Architect - Tallahassee FL

Contact: Maggie Manning: ,

End Client: Department of Management Services (DMS), 4050 Esplanade Way, Tallahassee FL

Due Date: June 4, 2025 by 11am EST

Duration: Through September 30, 2025. The Department, at its sole option, may elect to renew the PO.

Location: Onsite at 4050 Esplanade Way, Tallahassee, FL

Scope: This position is responsible for the implementation and configuration of the identity and access management platform, OKTA . This includes Universal Directory, Single Sign-On, Adaptive MFA, Lifecycle Management, Identity Governance, and Privileged Access. We require expertise in best practices for identity and access management (IAM) and a strong understanding of the Okta platform.

Okta Implementation and Configuration

The Systems Architect shall be responsible for implementing and configuring the following Okta modules to meet specific requirements:

5.2.1 Universal Directory (UD)

Establish Okta as the central source of truth for user identities.

  1. Configuration and maintenance of Okta Universal Directory.
  2. Integration of Okta with existing directories (e.g., Active Directory) and

HR systems.

  1. Design and implementation of user schema and group structures.

5.2.2 Adaptive Multi-Factor Authentication (MFA)

Implement adaptive MFA across all our applications to enhance security.

  1. Implementation and configuration of Adaptive MFA policies.
  2. Integration of MFA with various applications.
  3. User enrollment and support for MFA.

5.2.3 Integration with Zero Trust Network Access (ZTNA) Tool

Integrate Okta with our existing ZTNA solution.

  1. Collaboration with the ZTNA team to integrate Okta.
  2. Configuration of Okta to support ZTNA policies.
  3. Troubleshooting integration issues.

5.2.4 Lifecycle Management (LCM)

Implement automated user provisioning and de-provisioning based on approval workflows and the principle of least privilege. This includes assisting in identifying and defining appropriate roles based on positions and responsibilities.

  1. Development and implementation of automated provisioning and de- provisioning workflows.
  2. Configuration of application integrations for LCM.
  3. Ongoing maintenance and optimization of LCM processes.

5.2.5 Role-Based Access Control (RBAC)

Design and implement a robust RBAC model within Okta.

  1. Design and implementation of RBAC models within Okta.
  2. Assignment of roles and permissions to users.
  3. Review and maintenance of the RBAC structure.

5.2.6 Identity Governance (IG)

Configure access certifications, particularly with a focus on privileged access roles. Implement reporting, auditing, and overall governance on identity data and access.

  1. Configuration and execution of access certifications.
  2. Generation of reports and audit logs related to identity and access.
  3. Implementation of identity governance policies.

5.2.7 Privileged Access (PA)

Implement Just-In-Time (JIT) access, step-up authentication, and session isolation and monitoring for privileged users.

  1. Configuration of JIT access and step-up authentication.
  2. Implementation of session monitoring for privileged users.
  3. Documentation of privileged access procedures.

5.2.8 The Contractor will work collaboratively with our internal IT and security teams to achieve these objectives.

  1. Providing technical expertise and guidance on Okta and IAM best practices.
  2. Troubleshooting and resolving Okta-related issues.
  3. Documentation of configurations and procedures.
  4. Knowledge transfer to the Department's staff.

Work Hours: Work hours shall be from 8 am 5 pm, Monday - Friday, 40 hours a week.

Background Screening: In addition to any background screening required by the Contractor as a condition of employment, the Contractor warrants that it will conduct a criminal background screening of, or ensure that such a screening is conducted for, each of its employees, subcontractor personnel, independent contractors, leased employees, volunteers, licensees or other person, hereinafter referred to as Person or Persons, operating under their direction who directly perform services under the Contract, whether or not the Person has access to State of Florida Data, as well as those who have access, including indirect access, to State of Florida Data, whether or not they perform services under the Contract. The

Contractor warrants that all Persons will have passed the Background Screening described herein before they have Access to Data or begin performing services under the Contract. The lookback period for such background screenings will be for a minimum of six (6) years where six (6) years of historical information is available.

Responses Must Include

  • Resume
  • Contact Information Including phone number and email address
  • Immigration Status and if available to work the duration of the contract.
  • Current residing city and state
  • Education, Experience, and Skills Matrices (Found Below)
  • 3 References (See Below)
  • Exhibit E Form, Resume Self-Certification Form (See Attachment)

Educational Requirements.

Degree / Certification / Dates

University / Schools

Bachelor's degree in computer science, software engineering, or a related field.

Required Experience

Years of Experience

Last Year Used

At least ten (10) years of documented experience in Information Technology, with a strong focus on Security and Identity and Access Management (IAM).

Preferred Experience

Years of Experience

Last Year Used

Deep technical expertise in the Okta platform, including advanced configuration and management.

Proven ability to architect and implement Okta solutions in complex environments.

Experience with integrating Okta with various applications and security tools (like ZTNA).

Designing and implementing automated provisioning workflows and Role-Based Access Control (RBAC) models within Okta.

Experience with access certifications, particularly for privileged access roles.

Setting up and utilizing Okta's reporting, auditing, and identity governance functionalities.

Implementing Privileged Access features such as Just-In-Time (JIT) access and step-up authentication.

Skills and Competencies

Years of Experience

Last Year Used

COMUNICATION

a. Excellent verbal and written communication skills, including the ability to articulate complex technical concepts related to identity and access management to both technical and non- technical stakeholders (security teams, application owners, end-users).

b. Ability to clearly document system configurations, integration processes, and architectural designs related to identity management.

c. Facilitation of technical discussions and workshops related to identity and access management design and implementation.

d. Ability to present identity management solutions and recommendations effectively to various audiences.

e. Understands communication regarding project status, risks, and issues related to the identity management environment.

f. Proactively shares knowledge and best practices related to identity management with the internal team.

TECHNICAL UNDERSTANDING

a. Deep and comprehensive understanding of enterprise-level identity and access management platforms, including directory services, single sign-on (SAML, OAuth 2.0, OIDC), multi-factor authentication, lifecycle management (provisioning, de-provisioning, workflows), identity governance (access certifications, SoD), and privileged access management (JIT, step-up).

b. Strong understanding of integration methodologies for connecting identity management systems with various SaaS applications, on-premises systems, directories (AD, LDAP), and custom applications using standard protocols and APIs.

c. Working knowledge of security protocols and best practices related to authentication, authorization, and identity management.

d. Understanding of network concepts relevant to identity management system deployment and integration (firewalls, proxies, etc.).

e. Familiarity with scripting languages (e.g., PowerShell, Python) for automation tasks within or related to identity management.

f. Knowledge of API integration and management, particularly with identity management platform APIs.

PROBLEM SOLVING & ANALYTICAL SKILLS

a. Strong analytical skills to diagnose and resolve technical issues within the identity management environment and its integrations.

b. Ability to translate business requirements into effective and secure identity management configurations and policies.

c. Excellent authorization, provisioning, and other identity management- related problems.

d. Ability to identify potential risks and propose mitigation strategies

e. Keeps abreast of the latest features, updates, and security best practices in the identity and access management landscape.

f. Ability to optimize identity management system configurations for performance and scalability.

IMPLEMENTATION & DESIGN LEADERSHIP

a. Ability to guide the technical implementation of the identity management platform based on best practices and architectural principles.

b. Experience in designing scalable and secure identity management solutions to meet current and future needs.

c. Ability to make sound technical decisions regarding platform configuration and integration strategies.

d. Mentors and guides internal team members on identity management best practices and technical aspects.

TEAMWORK

a. Ability to effectively collaborate with security teams, application owners, network engineers, and other stakeholders during the identity management platform implementation.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.