Systems Engineer, Infrastructure
Location: Houston, TX (Hybrid 4:1)
Reports To: Manager, Identity and Access Management
Employment Type: Full time
About Us Help us insure it. Tokio Marine HCC is a leading global specialty insurance group, backed by the strength and stability of the Tokio Marine Group. With more than 50 years of sustained growth and profitability, and offices across the United States, the United Kingdom, Europe, and other international locations, we offer more than 100 classes of specialty insurance-covering everything from the crops that feed us and the concerts that entertain us to rescuing travelers abroad.
Guided by our Mind Over Risk philosophy, we empower clients to pursue opportunities with confidence while fostering a culture rooted in innovation, collaboration, and trust. Always Advancing, we embrace an entrepreneurial spirit; as Experts in Tomorrow, we anticipate what's next; and by Reaching Out, we build genuine connections that enable our people and our business to thrive.
Role Overview Work as a technical lead and subject matter expert in designing, architecting, implementing, operating, and maintaining access management solutions using Entra ID, Active Directory, Okta.
Key Responsibilities - Proven expert knowledge of Azure Entra ID capabilities such as Conditional Access Policies, Privileged Identity Manager and Application Registrations.
- Strong understanding of PIM and the assignment of roles / IAM permissions on Management Groups, Subscriptions and Resources.
- Azure Infrastructure Management to include user accounts, groups, conditional policies, Intune management, mobile device management, and endpoint security.
- Strong understanding of App registration, Enterprise Apps, SPN's and managed identities with the understanding of least privileged administration when it comes to MS Graph API allocation of permissions.
- Strong understanding of multifactor authentication, SSPR and WHfB.
- Strong PowerShell scripting skills, automation, and scheduling skills when working with data in Azure.
- Good understanding of Intune policies management and autopilot.
- Stay abreast of the latest Entra ID features, best practices, and security trends, and make recommendations for continuous improvement.
- Strong background in Active Directory covering domains that span geographies with numerous domain controllers, AD sites and a user base of 5000+.
- Strong understanding of DNS and GPOs, user object and OU administration.
- Solid understanding of Microsoft Tiering, IAM, and PAM concepts.
- Strong knowledge of server operating systems from Windows 2016 to Windows 2025.
- Strong understanding of the FSMO roles when it comes to maintaining the security and integrity of the domain.
- Strong understanding of the delegation of permissions across the domain OU structure.
- Strong PowerShell scripting skills, automation, and scheduling skills.
- Solid understanding of the recovery steps needed to recover a domain in the event of a disaster.
- Able to demonstrate a strong understanding of IAM concepts, including identity federation, SSO, SAML, OAuth, OIDC, MFA, role-based access control (RBAC), and least privilege principles.
- Provide Okta subject matter expertise on application integration, IAM functionality, and Okta's feature roadmap.
- Design and implement Okta platform configurations to align with overall solution architecture and customer requirements.
- Drive and support customer application integrations into Okta-based IAM solutions and troubleshoot technical issues before, during, and after application integration.
What You Bring - Bachelor's degree in Computer Science, a related field, or the equivalent education and/or experience.
- 2 years of relevant and progressive professional experience.
- Knowledge and experience of CyberArk advantageous.
- Knowledge and experience with Rubrik advantageous.
- Microsoft, Azure or Okta certification are highly beneficial.
Travel Occasional travel (up to 10% of time)
What We Offer - Competitive salary and comprehensive medical, vision, and dental benefit package, with eligibility beginning on your date of hire
- Strong learning culture with ongoing development opportunities
- Basic life and disability insurance
- 401(k) plan with 6% company match
- 20 days of PTO, two floating holidays, approximately 11 paid holidays, and volunteer time off
- Paid parental leave
- An opportunity to do meaningful work and love what you do
Equal Opportunity Employer TMHCC is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity, genetic information, marital status, medical condition, national origin, physical or mental disability, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations, and ordinances.
#LI-SD1
Never miss an opportunity! Create an alert based on the job you applied for.
