Identity & Access Management (IAM) Operations Engineer, Senior

Overview

Who we are

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for talented team members who want to Dream. Do. Grow. with us.

An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company- delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experience in an innovative, collaborative environment.

IAM Ops Engineer , Senior

Location: Plano, TX

T o save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time.

Who We're Looking For

This role requires deep hands-on expertise in Privileged Access Management (PAM)-particularly with platforms like CyberArk or Delinea-and strong proficiency in Okta Workforce Identity, including SSO, MFA,

We're seeking an Identity and Access Management Engineer to join our Information Security team at Toyota Financial Services.

The ideal candidate must have hands-on expertise in Privileged Access Management (PAM)-particularly with platforms like CyberArk or Delinea-and strong proficiency in Okta Workforce Identity, including SSO, MFA,

What You'll Be Doing

• Administer and maintain Privileged Access Management platforms to ensure secure, compliant operations, including credential vaulting, access control, session monitoring, and policy enforcement.
• Maintain and enhance PAM integrations with ITSM, SIEM, and infrastructure tools to boost efficiency, incident response, and access control.
• Administer and support Okta Workforce Identity to ensure secure authentication, SSO, MFA, and streamlined identity lifecycle processes.
• Monitor, troubleshoot, and optimize Okta integrations and workflows, including federated identity setups, API-based automation, and application onboarding, to maintain high availability, performance, and compliance with security standards.
• Monitor, troubleshoot, and optimize Okta integrations and workflows -covering federated identity, API automation, and app onboarding-to ensure availability, performance, and security compliance.
• Implement federated identity and access models, supporting SAML, OIDC, and OAuth protocols for third-party and partner integrations.
• Collaborate with Governance, Incident Response, and Engineering teams to ensure secure and compliant access controls

• Ensure IAM solutions are designed and operated in alignment with established governance frameworks, including SOX, GDPR, and PCI-DSS, as well as other relevant compliance standards.
• Lead technical efforts during identity-related security incidents.

• Continuous Improvement: Stay current with IAM trends and technologies to drive innovation.

What You Bring

• 4+ years of experience in Identity and Access Management, with a primary focus on PAM and Workforce Identity
• Extensive hands-on experience managing PAM platforms like CyberArk and Delinea, with deep knowledge of credential vaulting, session monitoring, access provisioning, and policy enforcement in enterprise environments.
• Strong operational focus on stability, scalability, and compliance, with proven success integrating PAM with ITSM, SIEM, and infrastructure tools to streamline operations and support incident response.
• Deep understanding of Active Directory, PowerShell scripting, account provisioning, and access governance.
• Extensive experience managing and scaling Okta Workforce Identity, with hands-on expertise in SSO, MFA, and automated lifecycle workflows for secure, efficient enterprise access.
• Skilled in optimizing identity integrations using Okta APIs, Workflows, and federation protocols (SAML, OIDC) to improve authentication, streamline user lifecycle, and ensure security compliance.
• Solid understanding of access protocols: SAML, OAuth2, OIDC, WebAuthN
• Strong troubleshooting and analytical skills across IAM environment
• Knowledge of SOX, GDPR, PCI-DSS, and alignment of IAM processes with audit requirements
• Experience with ITIL, Lean, and Agile tools (Jira, Confluence, ServiceNow)
• Excellent communication and cross-functional collaboration skills
• Experience with Just-In-Time (JIT) access, session monitoring, and credential rotation in PAM environments

Bonus Qualifications

• Bachelor's degree in Computer Science, Information Security, or related field
• IAM certifications (e.g., SailPoint BA, ISC2 SSCP, CISSP Associate)
• Experience integrating IAM with AWS or Azure

What we'll bring

During your interview process, our team will provide detailed information about our industry-leading benefits and career development opportunities. Here are a few highlights:

• A work environment built on teamwork, flexibility, and respect.
• Professional growth and development programs to help advance your career, including tuition reimbursement.
• Team Member Vehicle Purchase Discount.
• Toyota Team Member Lease Vehicle Program (if applicable).
• Comprehensive health care and wellness plans for your entire family.
• Toyota 401(k) Savings Plan with a company match, plus an annual retirement contribution from Toyota regardless of your own contributions.
• Paid holidays and paid time off.
• Referral services for prenatal services, adoption, childcare, schools, and more.
• Tax advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA) .
• Relocation assistance (if applicable).

Belonging at Toyota

Our success begins and ends with our people. We embrace all perspectives and value unique human experiences. Respect for all is our North Star. Toyota is proud to have 10+ different Business Partnering Groups across 100 different North American chapter locations that support team members' efforts to dream, do and grow without questioning that they belong.

Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.

Have a question, need assistance with your application or do you require any special accommodations? Please send an email to .