Genesis10 is currently seeking a Security Engineer - Identity & Access Management (IAM) for a position with a leading Pharmacy Benefit Manager located in MN. The Security Engineer is responsible for designing, implementing, and operating identity and access security controls that protect the client's information systems from unauthorized access, misuse, alteration, or disclosure.
Responsibilities:
- Design, implement, and manage Conditional Access policies to enforce MFA, device posture, network location, and risk-based access controls for workforce and guest users
- Administer application registrations and enterprise applications, including permissions consent, secrets and certificate management, and lifecycle governance
- Configure and support Single Sign-On (SSO) using Entra ID as an Identity Provider (IdP) for applications leveraging OIDC, OAuth 2.0, and SAML
- Secure and manage Azure API access, including OAuth scopes, app roles, managed identities, and service principals
- Perform advanced Azure Entra troubleshooting, including authentication failures, token issuance issues, conditional access evaluations, and sign-in diagnostics
- Support identity-related incidents, access escalations, and production issues with a focus on root cause analysis and prevention
- Administer Okta Customer Identity environments supporting client-, member-, and pharmacy-facing applications
- Configure SSO as both an Identity Provider (IdP) and Service Provider (SP) using OIDC, OAuth 2.0, and SAML for internal and external integrations
- Manage customer-managed IdPs federated into Okta, including configuration, troubleshooting, and security review
- Oversee application onboarding and registration in Okta, including claims, scopes, token lifetimes, and signing credentials
- Design and enforce Okta API security, including OAuth authorization servers, access policies, and rate limiting
- Maintain Okta tenant security posture, including policy administration, MFA enforcement, session policies, and baseline security controls
- Collaborate with application teams to design secure authentication and authorization patterns for new and existing systems
- Support IAM lifecycle processes, including access reviews, role changes, and decommissioning
- Contribute to identity-related security standards, architecture documentation, and operational runbooks
- Participate in security incident response activities related to identity compromise or access control failures
- Support audits, compliance assessments, and security reviews by providing evidence and technical explanations
- Serve as backup or secondary support across IAM platforms to ensure continuity and operational resilience
Requirements:
- Proven expertise in designing, implementing, and operating identity and access security controls
- Experience with Microsoft Azure Entra and Okta environments
- Knowledge of OIDC, OAuth 2.0, and SAML protocols
- Experience with Conditional Access policies, SSO, and API security
- Ability to collaborate with application teams, infrastructure, security, and business stakeholders