Sr CIAM Engineer

• Systems Planning and Implementation: Actively participate in the planning and implementation of IAM systems, infrastructure, and related hardware and software in response to customer requests and organizational requirements.
• Programming/Scripting: Perform system-level programming/scripting to facilitate the management of supported applications and technologies, including Okta Expression Language (EL) and PowerShell.
• System Management: Conduct configuration, integration, maintenance, performance management, security management, failure analysis and recovery, and user support.
• IAM Technology Deployment: Lead IAM technology deployment projects, such as Okta, Auth0, and Microsoft Entra ID, ensuring deployments fulfill user needs and comply with security standards.
• API Management: Build, analyze, operate, and scale API management solutions to protect customer and workforce data, services, and applications.
• Security Standards: Emphasize security standards and user needs fulfillment in the deployment of IAM solutions, including MFA, RBAC, fine-grained authorization, passwordless authentication, and B2B/B2C scenarios.
• Emerging Technologies: Research emerging IAM technologies, including new products, services, protocols, and standards to inform procurement and development strategies.
• Governance, Risk, and Compliance (GRC): Develop and implement GRC strategies to ensure IAM solutions comply with regulatory requirements and industry standards. Conduct risk assessments and audits to identify and mitigate potential security risks.
• Vendor Liaison: Serve as a liaison to vendors (e.g., Okta, Auth0, Microsoft) to facilitate problem resolution.
• Project Leadership: Lead projects, working directly with Project Management, Account Management, and Customer teams.
• Mentorship: Mentor and cross-train technical staff, peers, and subordinate team members in IAM technologies and best practices.
• Development Standards: Provide guidance on development standards and quality expectations.
• Collaboration: Collaborate with technical staff, including project managers, to deliver customer-centric solutions, including presenting design and deployment strategies.
• Policy Development: Develop and oversee the implementation of policies and procedures to ensure system provisioning and maintenance is consistent with company goals, industry best practices, and regulatory requirements.
• Account Management: Manage end-user accounts, permissions, and access rights in accordance with best practices regarding privacy, security, and regulatory compliance.
• ITIL Standards: Participate and adhere to defined ITIL standards for incident, request, and change management.
• Documentation: Document problems and resolutions for future reference, as well as platform configurations and standards.
• Communication: Maintain excellent communication skills, particularly across functional technical areas.
• On Call Rotation (PIC) is required

Qualifications

• IAM design, administration, and support for a minimum of 5 years.
• Experience with Okta, Auth0, and Microsoft Entra ID for a minimum of 3 years.
• Ability to design IAM solutions aligned with Zero Trust, identity governance, and adaptive authentication.
• Strong understanding of SSO, SAML, OAuth/OIDC, adaptive authentication, MFA, RBAC, and fine-grained authorization.
• Experience in API management and protecting customer and workforce data, services, and applications.
• Proficiency in JavaScript (Node.js preferred): Strong understanding of web security fundamentals to mentor application teams, extend IAM workflows, and automate tasks.
• Strong knowledge of security frameworks: Familiar with OWASP, NIST, and other industry-standard security principles.
• IAM Solution Design: Ability to design IAM solutions aligned with Zero Trust and Identity governance
• Proficiency in scripting with Okta Expression Language (EL) and PowerShell.
• Knowledge of GRC strategies and experience in conducting risk assessments and audits.
• Familiarity with CI/CD pipelines and tools such as Ansible, GitHub, Terraform, and Jenkins.
• Experience working in a hybrid multi-cloud environment with Azure and AWS.
• Must be able to work irregular hours as needed and participate in the on-call rotation to meet business needs
• Ability to sit at a desk and work on a computer for extended periods of time
• May occasionally lift and/or move up to 10 pounds
• Vision abilities required by this job include close vision and ability to adjust focus
• Bachelor’s degree from a four-year college or university or a combination of equivalent education and work experience.
• Relevant certifications such as Okta Certified Professional, CISSP, and Microsoft Certified: Identity and Access Administrator Associate (SC-300) highly preferred