Customer Identity and Access Management (CIAM) Okta DevOps Engineer

March 21

Cloud Security Services

WebsiteLinkedInAll Job Openings

Cybersecurity keeps you up at night ? Dont know where to start with zero trust ? Look no further.

Zero Trust • Workforce Identity and Access Management • Customer Identity and Access Management • Data Security (Rest and In Motion) • Perimeter-less Security

2 - 10

Description

• Design, develop, and deploy CIAM solutions focused on Identity Governance and Administration workflows • Implement Okta and Okta Identity Governance for applicable use cases across business lines • Develop Okta Workflows and LCM flows to provision and maintain users in Okta and downstream applications • Interface with proprietary APIs to create and modify accounts in downstream applications • Abstract proprietary APIs and create a simple interface that Okta can consume • Install and experiment with Okta connectors such as 'Anything as a Source' and SCIM Connector • Configure access requests and certification campaigns • Document all decisions and gain consensus across the team • Ensure that all implementations will function properly at customer scale (100,000 to millions of users) • Work effectively with IGA product owners, architects, and engineers • Highlight any issue/concerns and be prepared to raise concerns to vendor

Requirements

• Senior and experienced Okta developer (4-7 years) in creating Okta capabilities from the customers design pattern diagrams • 5 years’ experience working in information security space in an engineering capacity • 3-5 years hands-on experience with Okta Platform • Experience with integrating Okta into API gateways • Experience with Okta Identity Governance (OIG) • Good understanding of CIAM • Intimately familiar with IAM related protocols such as SAML, SPML, XACML, SCIM, OpenID, and OAuth • Good understanding of MFA, PAM, and Risk-Based Authentication • Deep technical understanding of IAM solutions across multiple vendors such as Okta • Experience with NIST SP800-63 Digital Authentication Standard • Experience creating custom authorization servers, defining scopes and claims, and creating policies and rules to secure APIs • Experience using Okta REST APIs and knowing how to pass the correct API parameters in requests • Experience assigning and unassigning apps to users using Okta Users and Groups APIs • Knowledge of how to validate an authenticated user's session • Understanding of the design principles of Okta APIs, including how to use pagination and how to filter query parameters on attributes • Knowledge of how to identify and work with Okta API rate limits • Knowledge of where to find the most current documentation and resources on Okta APIs • Experience using Okta APIs to query logs and events • Experience creating, updating, and deleting users, groups, and apps using Okta APIs • Knowledge of when to use Okta REST APIs, Sign-in Widgets, and SDKs • Understanding of the various Okta supported OIDC and OAuth flows, and knowledge of when to use them • Understanding the differences between an Org authorization server and a custom authorization server in the context of OIDC and OAuth • Understanding of how Okta policy and the rules associated with that policy affect API calls and responses • Knowledge of how to create sessions in Okta using Okta APIs and SDKs • Knowledge of how to configure trusted origins (CORS, Redirect), and understanding of the effects of the configuration of a trusted origin when redirecting users • Excellent analytical skills • Collaborative team worker – both in person and virtually using MS Teams or similar • Excellent documentation skills; demonstrated proficiency in Microsoft Office including Word, Excel, and PowerPoint • Ability to work as a liaison between business and information security/information technology • Flexibility to accommodate working across different time zones • Excellent interpersonal communication skills with strong spoken and written English • Business outcome mindset • Solid balance of strategic thinking with detail orientation • Self-starter, ability to take initiative • Project management and organizational skills with attention to detail • Bachelor's degree (BA/BS) from a four-year college or university; or equivalent training, education, and work experience • Preferred Education Cybersecurity certifications such as CISSP, CISM, etc.

Benefits

• 4-month remote project opportunity