IonQ

Senior IAM Engineer, Okta

IonQ

full-time

Posted on:

Location Type: Remote

Location: ColoradoMarylandUnited States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $126,887 - $166,127 per year

Job Level

Senior

About the role

  • Own the Okta for Government High (FedRAMP High) tenant — configuration, health, lifecycle, and security posture
  • Manage Universal Directory: on-prem AD Agent sync, HRIS attribute mastering, profile mappings, and group rules
  • Build and maintain all SSO app integrations via the Okta Integration Network (OIN) using SAML, OIDC, and SCIM
  • Own and maintain Okta Adaptive MFA policies: factor enrollment rules, risk-based step-up authentication, FIDO2/YubiKey/PIV/CAC configuration
  • Maintain the Okta System Log to Microsoft Sentinel log streaming pipeline and retention configuration
  • Own Okta Identity Governance (OIG): entitlement catalog, access certification campaign setup, SoD policy rules, and access request workflow design
  • Own, Build and Maintain Okta Lifecycle Management: JML automation rules, HRIS connector configuration, and auto-provisioning and deprovisioning into all connected applications, access review triggers, and automated remediation
  • Design, build, and document all Okta-side enhancements including new app onboarding, policy changes, and IGA configuration updates
  • Write test cases for all Okta-side changes; execute UAT jointly with the Identity Governance & Operations Analyst before production promotion
  • Support Identity Operations Specialist on Tier 2 Okta escalations and Workflow troubleshooting
  • Assist Identity Governance & Operations Analyst with OIG campaign configuration and certification reporting

Requirements

  • 4+ years of hands-on Okta administration and engineering experience
  • Demonstrated experience with Okta SSO app integrations via SAML 2.0 and OIDC
  • Experience with Okta Lifecycle Management and HRIS connector configuration
  • Experience building Okta Workflows for provisioning automation
  • Experience with Okta Adaptive MFA policy configuration including FIDO2/WebAuthn and hardware token enrollment
  • Experience with Okta Universal Directory including AD Agent deployment and profile mastering
  • Must be a U.S. Citizen or Lawful Permanent Resident (Green Card holder) — U.S. Person
  • Ability to obtain and maintain a security clearance or pass a background investigation consistent with CUI access
Benefits
  • Health insurance
  • 401(k) matching
  • Unlimited PTO
  • Paid holidays
  • Parental/adoption leave
  • Legal insurance
  • Home technology stipend
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Okta administrationSAMLOIDCSCIMMFA configurationLifecycle ManagementHRIS connector configurationWorkflows for provisioning automationUniversal DirectoryAD Agent deployment