Okta IAM Engineer
Job Description:
- Engineering Graduate / Postgraduate (BTech, BE, MCA, etc.) with a minimum of 5 years of experience in the cybersecurity domain.
- Minimum 3 years of design, implementation and configuration experience in the IAM (Identity and Access Management) domain, primarily with the Okta IAM solution.
Identity and Access Management (IAM)
- Proficiency in Azure AD and Okta configurations.
- In-depth understanding of SAML and OAuth/OIDC protocols.
- Experience with integrating various types of applications with SSO.
- Knowledge of API integration and connectors for both Azure AD (Graph API) and Okta.
Security Awareness
- Knowledge of cybersecurity best practices and principles.
- Familiarity with secure coding standards and application security.
Scripting and Automation
- Proficiency in scripting languages (PowerShell) and IaC tools (Terraform) for automation of migration tasks.
- Ability to write custom scripts for specific integration requirements.
Risk Management
- Identifying and mitigating potential risks associated with the migration.
- Ability to explain the risks to Service Owners.
OIDC Grant Types
- Deep understanding of OpenID Connect (OIDC) and various grant types.
- Expertise in evaluating and ensuring the implementation of best practices, such as PKCE for Single Page Applications (SPAs).
Okta Certifications (required: at least 2 from the list)
- Okta Professional Certification.
- Okta Administrator Certification.
- Okta Consultant Certification.
- Okta Developer Certification.
API Integration
- Extensive experience with Graph API and Azure APIs.
- Ability to evaluate use cases involving APIs and determine replicability in Okta.
- Knowledge of Okta API and SDKs for seamless integration.
Development Skills
- Proficiency in application development.
- Ability to guide service owners in switching from Azure to Okta using Okta SDKs or editor-agnostic libraries.
- Understanding of internal application development processes.
Access Control and MFA
- Audit experience in assessing existing access control mechanisms for applications.
- Ability to analyze and provide advice on MFA policies, considering predefined templates (low, medium, high, very-high).
- Knowledge of the impact of MFA policies on user experience (UX).
Directory Services
- In-depth understanding of directory services, including Azure AD and Okta directory structures.
- Knowledge, design, and implementation of SCIM (System for Cross-domain Identity Management) provisioning.
- Ability to advise service owners on the best practices and implementation strategies for integrating SCIM provisioning into their applications.
Audit and Compliance
- Review access control model of the applications to ensure compliance with security standards and best practices.
Advisory Skills
- Ability to provide informed advice to service owners, especially on API-related matters.
- Advising on MFA policy choices based on application usage, criticality, and impact on user experience.
Problem Management
- Resolving challenges related to API integration and MFA policy decisions.
- Making decisions in complex scenarios involving OIDC and access control (for instance, analyzing application access control mechanisms and MFA requirements, and providing data-driven insights for decision-making).