Customer Identity and Access Management (CIAM) Okta Engineer
Cloud Security Services is seeking a security Customer Identity and Access Management (CIAM) Okta Engineer with background in global, complex, and diverse CIAM environments to design, develop, and deploy CIAM solutions focused on Identity Governance and Administration workflows. This is a 4-month remote project opportunity.
Key Responsibilities
Work as part of Client’s External Identity and Access Management team to implement Okta and Okta Identity Governance for applicable use cases across business lines Develop Okta Workflows and LCM (Lifecycle Management) flows to provision and maintain users in Okta and downstream applications. Interface with proprietary APIs to create and modify accounts in downstream applications. Where possible, abstract proprietary API's and create a simple interface that Okta can consume. Install and experiment with Okta connectors such as "Anything as a Source" and SCIM Connector Enable and use Okta Governance APIs (part of the new Okta Identity Governance tool). Configure access requests and certification campaigns. Work effectively with IGA product owners, architects, and engineers. Document all decisions and gain consensus across the team. Ensure that all implementations will function properly at customer scale (100,000 to millions of users). Highlight any issue/concerns and be prepared to raise concerns to vendor. Required Skills Senior and experienced Okta developer (4-7 years) in creating Okta capabilities from the customers design pattern diagrams. 5 years’ experience working in information security space in an engineering capacity. 3-5 years hands on experience with Okta Platform Experience with integrating Okta into API gateways. Experience with Okta Identity Governance (OIG) Good understanding of CIAM Intimately familiar with IAM related protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth Good understanding of MFA, PAM, and Risk Based Authentification Deep technical understanding of IAM solutions across multiple vendors such as Okta Experience with NIST SP800-63 Digital Authentication Standard Experience creating custom authorization servers, defining scopes and claims, and creating policies and rules to secure APIs Experience using Okta REST APIs and knowing how to pass the correct API parameters in requests. Experience assigning and unassigning apps to users using Okta Users and Groups APIs Knowledge of how to validate an authenticated user's session Understanding of the design principles of Okta APIs, including how to use pagination and how to filter query parameters on attributes Knowledge of how to identify and work with Okta API rate limits Knowledge of where to find the most current documentation and resources on Okta APIs Experience using Okta APIs to query logs and events Experience creating, updating, and deleting users, groups, and apps using Okta APIs Knowledge of when to use Okta REST APIs, Sign-in Widgets, and SDKs Understanding of the various Okta supported OIDC and OAuth flows, and knowledge of when to use them Understanding the differences between and Org authorization server and a custom authorization server in the context of OIDC and OAuth Understanding of how Okta policy and the rules associated with that police affect API calls and responses Knowledge of how to create sessions in Okta using Okta APIs and SDKs Knowledge of how to configure trusted origins (CORS, Redirect), and understanding of the effects of the configuration of trusted origin when redirecting users Excellent analytical skills Collaborative team worker - both in person and virtually using MS Teams or similar Excellent documtentation skills; demonstrated proficiency in Microsoft Office including Word, Excel, and Powerpoint Ability to work as liaison between business and information security/information technology Flexibility to accomodate working across different time zones Excellent interpersonal communication skills with strong spoken and written English Business outcome mindset Solid balance of strategic thinking with detail orientation Self-starter, ability to take initiative Project management and organizationals skills with attention to detail Required Education Bachelor's degree (BA/BS) from four-year college or university; or equivalent training, education, and work experience. Preferred Education Cybersecurity certifications such as CISSP, CISM, etc. bUfLI5EgCF Apply tot his job Apply To this Job