Senior Okta Implementation Engineer #11157

ECCO Select is a talent acquisition and consulting company specializing in people, process and technology solutions. They are seeking a skilled Senior Okta Implementation Engineer / Technical Administrator to support a mission-critical identity modernization program focused on the migration and integration of legacy applications into a centralized Okta identity platform.

Responsibilities:

• Configure and administer Okta for robust centralized identity and access management across both legacy and modern applications
• Lead the technical migration and onboarding of legacy applications into Okta—including federation setup, user and group assignments, claims, and role mapping
• Implement, test, and troubleshoot SAML 2.0, OIDC, OAuth 2.0, and header-based authentication methods for various applications
• Modernize legacy authentication systems, supporting migration away from platforms such as AD FS, CA SiteMinder, Oracle IAM, and other on-premises identity providers
• Deploy and maintain MFA (Multi-Factor Authentication), sign-on, enrollment, and password policies within Okta, ensuring alignment with enterprise security requirements
• Ensure Okta configurations and procedures align with mandated regulatory controls and standards such as NIST 800-53, NIST 800-63B, and related security frameworks
• Manage Okta Lifecycle Management (LCM), including attribute mapping from Active Directory, LDAP, and HRIS sources and support for automated provisioning and deprovisioning
• Develop and maintain Okta Workflows for advanced identity lifecycle automation—covering joiner, mover, and leaver scenarios and custom automation requirements
• Support group, role, claims, and entitlement synchronization and management across the organizational IAM landscape
• Monitor and troubleshoot Okta AD Agents and IWA Agents, maintaining healthy synchronization across multiple directories and forests
• Support Okta Access Gateway (OAG) deployments for legacy apps lacking native SAML or OIDC support
• Perform advanced troubleshooting for authentication flows, claims transformation, API integrations, session management, access policies, and federation incidents
• Act as Tier 3 support for identity-related incidents—including log review, audit analysis, and API diagnostics employing tools such as Postman
• Integrate Okta logs and events into enterprise SIEM environments for comprehensive auditing and monitoring
• Collaborate with application, security, IAM, and architecture teams to resolve complex onboarding, authentication, and authorization challenges under demanding project timelines
• Document configuration standards, create technical runbooks, and transfer operational knowledge to team members
• Maintain Okta tenant health, remediating orphaned accounts, unused groups, and expired API tokens for optimal security and efficiency

Requirements:

• 5–7+ years of experience in identity and access management (IAM), identity engineering, or similar roles
• Minimum of 3 years hands-on Okta implementation and administration experience, including production/system configuration
• Practical expertise integrating and migrating legacy applications into Okta, particularly from AD FS, CA SiteMinder, Oracle IAM, or related platforms
• Thorough command of Okta Admin Console features—groups, claims, app integrations, policies (MFA, sign-on, enrollment, lifecycle), and workflow creation
• In-depth experience with OIDC, OAuth 2.0, SAML 2.0, and overall application federation patterns
• Direct knowledge of Okta Access Gateway for supporting non-standard SSO integrations
• Familiarity with Active Directory, LDAP, HRIS integrations, and advanced attribute mapping
• Experience using Postman with Okta APIs; automation and scripting skills (PowerShell and/or Python) for user/group management and reporting
• SIEM integration with Okta event logs for monitoring and compliance
• Strong troubleshooting and problem-solving skills across authentication, access, and identity workflows in time-sensitive contexts
• Experience working in regulated or federal environments with an understanding of compliance requirements (e.g., IL4 / IL5)
• Clear, professional written and verbal communication skills and ability to work collaboratively in high-paced, delivery-focused teams
• Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent work experience)
• Okta certifications (Certified Professional, Administrator, Consultant, or Architect) preferred
• Certifications such as Security+ or CISSP are advantageous
• Experience supporting federal agencies or contractors and with NIST 800-53, NIST 800-63B, or related federal security standards is highly desired
• Eligibility for a federal security clearance (U.S. Citizens only); active Public Trust, Secret, or Top Secret clearance is preferred
• Experience with identity governance technologies (e.g., SailPoint) is a plus