Senior IAM Engineer, Okta
Job Description
Company: remoterocketship
Location: New York, US
Job Description: Own the Okta for Government High (FedRAMP High) tenant — configuration, health, lifecycle, and security posture
Manage Universal Directory: on-prem AD Agent sync, HRIS attribute mastering, profile mappings, and group rules
Build and maintain all SSO app integrations via the Okta Integration Network (OIN) using SAML, OIDC, and SCIM
Own and maintain Okta Adaptive MFA policies: factor enrollment rules, risk-based step-up authentication, FIDO2/YubiKey/PIV/CAC configuration
Maintain the Okta System Log to Microsoft Sentinel log streaming pipeline and retention configuration
Own Okta Identity Governance (OIG): entitlement catalog, access certification campaign setup, SoD policy rules, and access request workflow design
Own, Build and Maintain Okta Lifecycle Management: JML automation rules, HRIS connector configuration, and auto-provisioning and deprovisioning into all connected applications, access review triggers, and automated remediation
Design, build, and document all Okta-side enhancements including new app onboarding, policy changes, and IGA configuration updates
Write test cases for all Okta-side changes; execute UAT jointly with the Identity Governance & Operations Analyst before production promotion
Support Identity Operations Specialist on Tier 2 Okta escalations and Workflow troubleshooting
Assist Identity Governance & Operations Analyst with OIG campaign configuration and certification reporting
Requirements: 4+ years of hands-on Okta administration and engineering experience
Demonstrated experience with Okta SSO app integrations via SAML 2.0 and OIDC
Experience with Okta Lifecycle Management and HRIS connector configuration
Experience building Okta Workflows for provisioning automation
Experience with Okta Adaptive MFA policy configuration including FIDO2/WebAuthn and hardware token enrollment
Experience with Okta Universal Directory including AD Agent deployment and profile
Source: BeBee
