Summary
The job is for a 4-month remote project as a Security CIAM Okta Engineer to implement Okta and Okta Identity Governance for various business lines. The role requires senior and experienced Okta developer with 4-7 years of experience, deep technical understanding of IAM solutions, excellent analytical skills, collaboration skills, documentation skills, and flexibility to accommodate different time zones.
Requirements
- Senior and experienced Okta developer (4-7 years) in creating Okta capabilities from the customers design pattern diagrams
- 5 years’ experience working in information security space in an engineering capacity
- 3-5 years hands on experience with Okta Platform
- Experience with integrating Okta into API gateways
- Experience with Okta Identity Governance (OIG)
- Good understanding of CIAM
- Intimately familiar with IAM related protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth
- Good understanding of MFA, PAM, and Risk Based Authentification
- Deep technical understanding of IAM solutions across multiple vendors such as Okta
- Experience creating custom authorization servers, defining scopes and claims, and creating policies and rules to secure APIs
- Experience using Okta REST APIs and knowing how to pass the correct API parameters in requests
- Experience assigning and unassigning apps to users using Okta Users and Groups APIs
- Knowledge of how to validate an authenticated user's session
- Understanding of the design principles of Okta APIs, including how to use pagination and how to filter query parameters on attributes
- Knowledge of how to identify and work with Okta API rate limits
- Knowledge of where to find the most current documentation and resources on Okta APIs
- Experience using Okta APIs to query logs and events
- Knowledge of how to create, update, and delete users, groups, and apps using Okta APIs
- Knowledge of when to use Okta REST APIs, Sign-in Widgets, and SDKs
- Understanding of the various Okta supported OIDC and OAuth flows, and knowledge of when to use them
- Understanding the differences between and Org authorization server and a custom authorization server in the context of OIDC and OAuth
- Understanding of how Okta policy and the rules associated with that police affect API calls and responses
- Knowledge of how to create sessions in Okta using Okta APIs and SDKs
- Knowledge of how to configure trusted origins (CORS, Redirect), and understanding of the effects of the configuration of trusted origin when redirecting users
Responsibilities
- Work as part of Client’s External Identity and Access Management team to implement Okta and Okta Identity Governance for applicable use cases across business lines
- Develop Okta Workflows and LCM (Lifecycle Management) flows to provision and maintain users in Okta and downstream applications
- Interface with proprietary APIs to create and modify accounts in downstream applications
- Install and experiment with Okta connectors such as 'Anything as a Source' and SCIM Connector
- Enable and use Okta Governance APIs (part of the new Okta Identity Governance tool). Configure access requests and certification campaigns
- Work effectively with IGA product owners, architects, and engineers. Document all decisions and gain consensus across the team
- Ensure that all implementations will function properly at customer scale (100,000 to millions of users). Highlight any issue/concerns and be prepared to raise concerns to vendor
Preferred Qualifications
Cybersecurity certifications such as CISSP, CISM, etc
Benefits
Remote work
