Job summary:

Job description:

Interview Type: Skype *** Very long term project; initial PO for 1 year, expect to go for 4+ years ***Remote*** need 3 references

 Universal Directory (UD):

Establish Okta as the central source of truth for user identities.

• Configuration and maintenance of Okta Universal Directory.
• Integration of Okta with existing directories (e.g., Active Directory) andHR systems.
• Design and implementation of user schema and group structures.

Adaptive Multi Factor Authentication (MFA):

Implement adaptive MFA across all our applications to enhance security.

• Implementation and configuration of Adaptive MFA policies.
• Integration of MFA with various applications.
• User enrollment and support for MFA.

Integration with Zero Trust Network Access (ZTNA) Tool:

Integrate Okta with our existing ZTNA solution.

• Collaboration with the ZTNA team to integrate Okta.
• Configuration of Okta to support ZTNA policies.
• Troubleshooting integration issues.

 Lifecycle Management (LCM):

Implement automated user provisioning and de provisioning based on approval workflows and the principle of least privilege. This includes assisting in identifying and defining appropriate roles based on positions and responsibilities.

• Development and implementation of automated provisioning and de provisioning workflows.
• Configuration of application integrations for LCM.
• Ongoing maintenance and optimization of LCM processes.

 Role Based Access Control (RBAC):

Design and implement a robust RBAC model within Okta.

• Design and implementation of RBAC models within Okta.
• Assignment of roles and permissions to users.
• Review and maintenance of the RBAC structure.

 Identity Governance (IG)

Configure access certifications, particularly with a focus on privileged access roles. Implement reporting, auditing, and overall governance on identity data and access.

• Configuration and execution of access certifications.
• Generation of reports and audit logs related to identity and access.
• Implementation of identity governance policies.

Privileged Access (PA):

Implement Just In Time (JIT) access, step up authentication, and session isolation and monitoring for privileged users.

• Configuration of JIT access and step up authentication.
• Implementation of session monitoring for privileged users.
• Documentation of privileged access procedures.

The Contractor will work collaboratively with our internal IT and security teams to achieve these objectives:

• Providing technical expertise and guidance on Okta and IAM bestpractices.
• Troubleshooting and resolving Okta related issues.
• Documentation of configurations and procedures.
• Knowledge transfer to the Departments staff.

Position Overview:

This position is responsible for the implementation and configuration of the identity and access management platform, OKTA. This includes Universal Directory, Single Sign On, Adaptive MFA, Lifecycle Management, Identity Governance, and Privileged Access. We require expertise in best practices  for identity and access management (IAM) and a strong understanding of the Okta platform.

Qualifications and Experience:

• At least ten (10) years of documented experience in InformationTechnology, with a strong focus on Security and Identity and AccessManagement (IAM).
• Preference will be given to candidates who have strength in the following areas
• Deep technical expertise in the Okta platform, including advanced configuration and management.
• Proven ability to architect and implement Okta solutions in complex environments.
• Experience with integrating Okta with various applications and security tools (like ZTNA).
• Designing and implementing automated provisioning workflows and Role Based Access Control (RBAC) models within Okta.
• Experience with access certifications, particularly for privileged access roles.
• Setting up and utilizing Oktas reporting, auditing, and identity governance functionalities.
• Implementing Privileged Access features such as Just In Time (JIT) access and step up authentication.

Skills and Competencies Communication:

Excellent verbal and written communication skills, including the ability to articulate complex technical concepts related to identity and access management to both technical and non technical stakeholders (security teams, application owners  end users).

Ability to clearly document system configurations, integration processes, and architectural design related to identitymanagement. Facilitation of technical discussions and workshops related to identity and access management design andimplementation.

• Ability to present identity management solutions and recommendations effectively to various audiences.
• Understands the importance of clear and timelym communication regarding project status, risks, and issues related to the identity management environment.
• Proactively shares knowledge and best practices related to identity management with the internal team.

Technical Understanding:

• Deep and comprehensive understanding of enterprise levelidentity and access management platforms, includingdirectory services, single sign on (SAML, OAuth 2.0, OIDC), multi factor authentication, lifecycle management(provisioning, de provisioning, workflows), identitygovernance (access certifications, SoD), and privileged access management (JIT, step up).
• Strong understanding of integration methodologies for connecting identity management systems with various SaaS applications, on premises systems, directories (AD, LDAP), and custom applications using standard protocols and APIs.
• Working knowledge of security protocols and best practices related to authentication, authorization, and identitymanagement.
• Understanding of network concepts relevant to identity management system deployment and integration (firewalls, proxies, etc.).
• Familiarity with scripting languages (e.g., PowerShell, Python) for automation tasks within or related to identity management.
• Knowledge of API integration and management, particularly with identity management platform APIs.

Problem Solving and Analytical Skills:

• Strong analytical skills to diagnose and resolve technical issues within the identity management environment and its integrations.
• Ability to translate business requirements into effective and secure identity management configurations and policies.
• Excellent troubleshooting skills for authentication, authorization, provisioning, and other identity management related problems.
• Ability to identify potential risks and propose mitigation strategies related to the identity management implementation.
• Keeps abreast of the latest features, updates, and security best practices in the identity and access managementlandscape.
• Ability to optimize identity management system

Implementation and Design Leadership:

• Ability to guide the technical implementation of the identitymanagement platform based on best practices and architectural principles.
• Experience in designing scalable and secure identity management solutions to meet current and future needs.
• Ability to make sound technical decisions regarding platform configuration and integration strategies.
• Mentors and guides internal team members on identity management best practices and technical aspects.

Teamwork:

• Ability to effectively collaborate with security teams, application owners, network engineers, and other stakeholders during the identity management platform implementation.
• Acts as a technical liaison between different teams regarding identity management-related matters.
• Willingness to assist in various technical tasks related to the identity management deployment.
• Facilitates technical discussions and knowledge sharing about the identity management platform within the team.

Contact the recruiter working on this position:

The recruiter working on this position is Rohit(Shaji Team) Bala
His/her contact number is
His/her contact email is rohit@msysinc.com

Our recruiters will be more than happy to help you to get this contract.