Senior IT Identity Engineer

TL;DR

Senior IT Identity Engineer (Okta/Terraform): Modernizing enterprise identity architecture and automating lifecycle management across cloud and SaaS environments with an accent on zero-touch provisioning, access controls, and HR integrations. Focus on designing scalable identity-as-code solutions, implementing GitOps workflows, and enforcing zero trust policies for secure onboarding/offboarding.

Location: 100% Remote in U.S.-Based Virtual Operating Center

Company

Premier Embedded Service Provider partnering directly with customer IT teams of global enterprise software companies to co-own and solve mission-critical delivery and infrastructure challenges.

What you will do

• Lead implementation of Okta as central identity platform including SSO, MFA, and lifecycle management
• Build and manage identity infrastructure using Terraform and GitHub-based GitOps for version-controlled configurations, CI/CD pipelines, and change management
• Design and automate onboarding/offboarding (JML) workflows integrated with HRIS systems like Workday and Paylocity
• Establish device trust, conditional access policies, and zero trust foundation with endpoint integrations
• Automate workflows across HRIS, identity, and endpoint systems using APIs, scripting, Okta Workflows, or Tines
• Mentor peers, establish best practices, and ensure scalable, secure, repeatable identity operations

Requirements

• 5+ years in Identity & Access Management (IAM) engineering
• Strong experience with Okta (SSO, MFA, SCIM, lifecycle management) and building onboarding/offboarding automation
• Experience with cloud IAM (Azure AD/Entra, AWS IAM, GCP IAM), legacy MS AD, and HRIS integrations (Paylocity, Workday, ADP)
• Deep understanding of identity lifecycle workflows (JML, RBAC, provisioning), PAM (Tenable/CyberArk, BeyondTrust)
• Experience with Terraform (or IaC tools), GitHub for CI/CD, scripting (PowerShell, Python), APIs, and system integrations
• Strong knowledge of SAML/OIDC/SCIM, conditional access/zero trust; familiarity with macOS/Windows environments

Nice to have

• Okta device trust or device-based access controls
• Experience with identity governance tools, Apple Business Manager, Windows Autopilot
• Endpoint platforms: Jamf/Kandji (macOS), Microsoft Intune (Windows)
• Slack/ITSM tools (Jira, ServiceNow), security frameworks (NIST, SOC2), incident response awareness

Culture & Benefits

• 100% remote workplace since day one
• Unlimited paid time off
• Equity ownership and 401k with company contribution
• Sponsored healthcare
• Professional growth through training and certification programs