Key skills
ITSMPythonServiceNowTerraformTypeScriptGoPowerShellEntra IDOAuthOktaSAMLSSOSaaSWorkdayJiraStakeholder ManagementChange ManagementCommunication
About this role
Role Overview
- Identity Governance & Lifecycle Automation
- Design and operate identity lifecycle automation across directories, SaaS apps, and groups using HRIS/source-of-truth and SCIM/API integrations.
- Define and maintain standard access profiles by role, job family, and team.
- Build and run access review campaigns both for ad-hoc access and the composition of standard access profiles. Ensure evidence of access review campaign preparation and completion is audit-ready.
- Administer Directory and IdP Services
- Configure new applications and federated trusts (SAML/OIDC) in IdPs.
- Administer authentication, session, conditional access, and device trust policies, ensuring systems are hardened against unauthorized access and common threats, such as credential stuffing and session theft.
- Develop integrations and scripts (Python, TypeScript, and PowerShell preferred, with knowledge of APIs and webhooks a necessity).
- Adopt Infrastructure-as-Code where supported (e.g., Terraform for Okta and Entra).
- Enterprise Application Ownership, especially SaaS
- Lead the COTS/SaaS application lifecycle: intake & vendor assessment, PoC, secure configuration, go-live, ongoing administration, license/usage optimization, and deprecation.
- Partner with the business unit driving the usage of each application define, document, implement, and administer the application’s access model.
- Integrate enterprise applications with central identity services (directory/IdP), enabling JIT/SCIM provisioning and deprovisioning.
- Integrate applications into standard security-relevant operational processes, such as asset management, configuration hardening, data loss prevention, change management, and security monitoring.
- Compliance, Monitoring & Evidence
- Map identity and application controls to FFIEC, GLBA, SOX, PCI-DSS, and NIST CSF v2.0 requirements.
- Centralize application logs and admin activity, partner with business units and the Security Operations team to develop monitoring, and coordinate with Security Operations for incident response and forensics when required.
- Prepare audit evidence packages (config exports, campaign artifacts, approvals) and lead remediation of exceptions.
Requirements
- Must-have a blend of business operations understanding and technical expertise.
- Demonstrated experience in several of the following:
- Identity Governance & Administration (e.g., Okta IGA/Workflows, SailPoint), directory/IdP (e.g., Entra ID, Okta).
- SSO & federation standards (SAML, OIDC, OAuth 2.0), MFA/conditional access, device trust.
- HRIS/ITSM integration (e.g., Workday/UKG/BambooHR; ServiceNow/Jira) and SCIM/JIT provisioning.
- RBAC/ABAC design, role mining, separation of duties modeling for financial/operational functions, periodic access reviews.
- Scripting & automation (PowerShell, Python), REST APIs, webhooks.
- Experience with IaC or policy-as-code.
- SaaS platform administration at scale (license management, secure configuration, delegated administration, audit logging).
- Regulatory familiarity: FFIEC, GLBA, SOX, NIST CSF/SP 800-53 and evidence automation for audits.
- Strong stakeholder management, process mapping, and communication skills. Able to influence across teams.
- Comfortable operating effectively in a dynamic and changing environment (often with unstructured and/or virtual teams).
- Ability to manage multiple priorities, meet deadlines, and deliver business results.
Tech Stack
- ITSM
- Python
- ServiceNow
- Terraform
- TypeScript
Benefits
- Medical Coverage: Choose from three competitive medical plans to find the coverage that best fits your needs and lifestyle.
- Health Savings Account (HSA): Available with eligible medical plans, offering tax advantages and employer contributions.
- Flexible Spending Accounts (FSA): Options for healthcare and dependent care expenses to help you save on out-of-pocket costs.
- Dental and Vision Insurance: Plans to keep you and your family smiling and seeing clearly.
- Life Insurance: Company-paid basic life insurance with options to purchase additional coverage for yourself and your dependents.
- Long-Term /Short-Term Disability (LTD): Income protection in the event of a long-term illness or injury.
- Supplemental Benefits: Including Hospital Indemnity, Accident Insurance, and Critical Illness coverage to provide extra financial support when you need it most.
- 401(k) Retirement Plan: A competitive retirement savings plan with company matching to help you plan for the future.
- Paid Time Off: Generous vacation and sick leave policies to support your time away from work.
- Holidays: Enjoy 11 paid holidays throughout the year.