Senior IAM Engineer with Integration experience

Phoenix, AZ, US • Posted 20 hours ago • Updated 20 hours ago

Contract Independent

Contract W2

Contract Corp To Corp

No Travel Required

On-site

Depends on Experience

HPTech Inc.

Fitment

Dice Job Match Score™

🛠️ Calibrating flux capacitors...

Job Details

Skills

Okta

Summary

Title: Senior IAM Engineer with Integration experience

Location: phoenix AZ - Onsite only

Duration: Contract

M&A Integrations (Okta/SSO)

Key Responsibilities

M&A / Integration Delivery

Design and implement tenant-to-tenant federation (Okta/ADFS/IdP‑initiated and SP‑initiated) and progressive consolidation to a primary IdP (Okta).
Plan and execute SSO cutovers for top business applications; define rollback plans and success criteria.
Establish secure B2B/B2E access patterns for acquired entities (SAML 2.0, OAuth 2.0/OIDC, SCIM).
Orchestrate account migration strategies (just-in-time provisioning, SCIM, directory sync), and drive de‑dupe/merge identity hygiene.

IAM Engineering & Operations

Configure and manage Okta (policies, routing rules, app integrations, Device Trust, MFA/Adaptive MFA, Groups, Lifecycle Management, Workflows).
Implement secure federation (SAML/OIDC), token policies, consent and scopes, and PKCE where applicable.
Integrate with Active Directory / LDAP, govern group design, and rationalize permissions to least‑privilege.
Define and enforce password vaulting patterns for non‑federated apps and privileged identities (e.g., CyberArk/HashiCorp/1Password Enterprise).
Build and maintain access review, joiner/mover/leaver (JML) automation, and policy-as-code where feasible.
Partner with app owners to onboard applications to SSO/MFA and eliminate legacy/basic auth.

Required Qualifications

Hands-on expertise with Okta (tenant administration, federation, SSO/MFA, Lifecycle Management, Workflows, SCIM, device posture).
Strong working knowledge of SSO, federation, SAML 2.0, OAuth 2.0, OpenID Connect, SCIM, and secure token handling.
Proficiency with Active Directory (domain trusts, OU/group strategy, GPO basics, identity hygiene) and directory sync concepts.
Demonstrated M&A integration experience: discovery, Day‑1 readiness, SSO cutover, identity consolidation, and decommissioning legacy IdPs.
Password vaulting/Privileged Access exposure (e.g., CyberArk, HashiCorp Vault, BeyondTrust, or enterprise password managers).
Applied least‑privilege and Zero Trust design; familiarity with NIST CSF, CIS Controls, or ISO 27001 principles.
Experience in AWS and/or Google Cloud Platform (federation, RBAC, service accounts, workload identity).
Strong verbal and written communication; ability to interface with execs, security, app owners, and engineers.
Scripting for automation (e.g., PowerShell, Python, Okta APIs/SDKs) and comfort with Git-based workflows.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 91162806
Position Id: 8867457
Posted 20 hours ago

Company Info

About HPTech Inc.

HPTech Inc has grown to become a premier provider of IT consulting services for technology. With a specialized niche in transaction and data warehousing applications, HPTech Inc helps clients implement mission-critical, enterprise solutions, speed conversion from legacy environments, and optimize the benefits inherent in their systems. Our consulting solutions range from project strategy and planning, software assessment and selection, to implementation and integration, hosting and change management, support and maintenance translating to higher productivity, lower costs.

Go to company profile

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

It looks like there aren't any Similar Jobs for this job yet.

Search all similar jobs