Crossover Health is creating the future of health as it should be, focusing on wellbeing and prevention through a new model of healthcare. The Security Engineer (IAM) will be responsible for building and operating the enterprise Identity and Access Management program, ensuring secure and scalable user access across the organization.
Responsibilities:
- Identity Platform Administration: Serve as the primary administrator for Okta and other IAM platforms, managing user identities, access policies, and integrations with internal and third-party applications
- SSO / SAML Integrations: Design, configure, and maintain SSO and SAML/OIDC integrations to enable secure and efficient authentication for both internal and external users across SaaS and custom applications
- Access Automation: Develop and deploy Okta Workflows and APIs to automate identity lifecycle events, access requests, access grants, and deprovisioning processes to ensure timely and compliant access control
- Access Governance: Collaborate with Security, HR, and IT to implement access review programs and ensure role-based access control (RBAC), least privilege, and segregation of duties across the environment
- Policy Enforcement: Translate security policies and compliance requirements into technical IAM controls and configurations, ensuring alignment with company policies and industry best practices
- Incident Support: Support incident response and audit activities by providing identity-related data, analysis, and remediation recommendations for access-related events or anomalies
- Documentation and Training: Maintain detailed documentation of identity systems, integrations, and workflows, and provide training and guidance to IT and business stakeholders on access management best practices
Requirements:
- 6+ years of experience in Information Security or IT with a focus on IAM
- 2+ years of hands-on experience administering Okta or equivalent enterprise IAM platforms
- Proven experience building and maintaining SSO/SAML/OIDC integrations
- Proficiency with Okta Workflows, Okta APIs, and automation using scripting (e.g., Python, PowerShell)
- Familiarity with modern authentication standards (SAML, OAuth2, OIDC, SCIM, MFA)
- Experience implementing RBAC, JIT provisioning, and lifecycle management across multiple environments
- Strong understanding of IAM principles, Zero Trust architecture, and security best practices
- Demonstrated ability to partner effectively across Security, IT, and HR functions
- Experience supporting audits, compliance reviews, or SOX/SOC2-related access controls
- Excellent communication, documentation, and problem-solving skills
- Ability to manage competing priorities in a dynamic, fast-paced environment
- Available to work after hours and weekends as needed
- Security-related certifications, such as CISSP and/or other professional certifications
- Okta Certified Professional or Okta Certified Expert certification
- Experience with other IAM platforms (e.g., Azure AD, Ping Identity, ForgeRock, CyberArk, Saviynt, SailPoint)
- Experience with identity governance and access review tools or IGA implementations
- Familiarity with cloud platform IAM (AWS IAM, Azure AD, GCP IAM)
- Experience integrating identity data from HRIS and ITSM systems (e.g., Workday, ServiceNow)
- Experience with identity analytics and reporting for compliance and audit support
- Knowledge of infrastructure-as-code and automation frameworks (e.g., Terraform, GitHub Actions)
- Strong understanding of data privacy regulations (HIPAA, GDPR, CCPA) and their impact on identity management