CIAM Okta Engineer

Summary

The job is for a 4-month remote project as a Security CIAM Okta Engineer to implement Okta and Okta Identity Governance for various business lines. The role requires senior and experienced Okta developer with 4-7 years of experience, deep technical understanding of IAM solutions, excellent analytical skills, collaboration skills, documentation skills, and flexibility to accommodate different time zones.

Requirements

• Senior and experienced Okta developer (4-7 years) in creating Okta capabilities from the customers design pattern diagrams
• 5 years’ experience working in information security space in an engineering capacity
• 3-5 years hands on experience with Okta Platform
• Experience with integrating Okta into API gateways
• Experience with Okta Identity Governance (OIG)
• Good understanding of CIAM
• Intimately familiar with IAM related protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth
• Good understanding of MFA, PAM, and Risk Based Authentification
• Deep technical understanding of IAM solutions across multiple vendors such as Okta
• Experience creating custom authorization servers, defining scopes and claims, and creating policies and rules to secure APIs
• Experience using Okta REST APIs and knowing how to pass the correct API parameters in requests
• Experience assigning and unassigning apps to users using Okta Users and Groups APIs
• Knowledge of how to validate an authenticated user's session
• Understanding of the design principles of Okta APIs, including how to use pagination and how to filter query parameters on attributes
• Knowledge of how to identify and work with Okta API rate limits
• Knowledge of where to find the most current documentation and resources on Okta APIs
• Experience using Okta APIs to query logs and events
• Knowledge of how to create, update, and delete users, groups, and apps using Okta APIs
• Knowledge of when to use Okta REST APIs, Sign-in Widgets, and SDKs
• Understanding of the various Okta supported OIDC and OAuth flows, and knowledge of when to use them
• Understanding the differences between and Org authorization server and a custom authorization server in the context of OIDC and OAuth
• Understanding of how Okta policy and the rules associated with that police affect API calls and responses
• Knowledge of how to create sessions in Okta using Okta APIs and SDKs
• Knowledge of how to configure trusted origins (CORS, Redirect), and understanding of the effects of the configuration of trusted origin when redirecting users

Responsibilities

• Work as part of Client’s External Identity and Access Management team to implement Okta and Okta Identity Governance for applicable use cases across business lines
• Develop Okta Workflows and LCM (Lifecycle Management) flows to provision and maintain users in Okta and downstream applications
• Interface with proprietary APIs to create and modify accounts in downstream applications
• Install and experiment with Okta connectors such as 'Anything as a Source' and SCIM Connector
• Enable and use Okta Governance APIs (part of the new Okta Identity Governance tool). Configure access requests and certification campaigns
• Work effectively with IGA product owners, architects, and engineers. Document all decisions and gain consensus across the team
• Ensure that all implementations will function properly at customer scale (100,000 to millions of users). Highlight any issue/concerns and be prepared to raise concerns to vendor

Preferred Qualifications

Cybersecurity certifications such as CISSP, CISM, etc

Benefits

Remote work