Key skills
JavaScriptLinuxNode.jsPythonPowerShellIAMOAuthOktaSAMLActive DirectorySSOSingle Sign-OnREST API
About this role
Role Overview
- Design, deploy, configure, and manage complex Okta environments including Universal Directory, Lifecycle Management, Workflows, and API Access Management
- Architect and implement Okta Access Gateway (OAG) solutions for header-based authentication and legacy application integration
- Design and manage user lifecycle governance including provisioning, deprovisioning, and access certification workflows
- Architect authentication policies, authorization rules, access workflows, and security controls for enterprise-scale deployments
- Implement and oversee Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Adaptive Authentication across diverse application portfolios
- Ensure adherence to least-privilege and Zero-Trust principles for all user and application identities
- Lead implementation of modern IAM capabilities such as Just-in-Time (JIT) access provisioning and Conditional Access and risk-based authentication
- Design and build automated identity workflows using Okta Workflows for application onboarding, user access requests, and complex business processes
- Lead technical architecture and design for large-scale, complex Okta implementations across global enterprises
- Create technical architecture documentation, solution designs, and implementation roadmaps for enterprise clients
Requirements
- Bachelor's degree in Computer Science, Information Security, or related field — or equivalent work experience
- 5–7+ years of experience in Identity and Access Management engineering or Consulting
- Extensive hands-on experience with Okta including Universal Directory, Lifecycle Management, Workflows, and API Access Management
- Proven experience designing and implementing Okta Access Gateway (OAG) solutions
- Strong experience developing complex Okta Workflows including custom connectors and API integrations
- Proficiency in API development languages including Python, JavaScript/Node.js, and PowerShell
- Experience with REST API development and integration
- Proven track record leading technical architecture on large-scale, complex IAM projects for enterprise organizations
- Strong understanding of identity governance, SSO protocols (SAML, OIDC, OAuth), MFA, and access certification
- Experience with Windows/Linux server administration and Active Directory
- Deep knowledge of common security frameworks and access control principles
- Demonstrated ability to design and document complex technical architectures.
Tech Stack
- JavaScript
- Linux
- Node.js
- Python
Benefits
- Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)
- Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
- 12 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Benefit Option