Identity & Access Management Engineer
Topgolf Callaway Brands - Carlsbad, CA
posted 4 days ago
About the position
Join our team as an Identity and Access Management Engineer and play a pivotal role in maturing our IAM program, focusing on Okta operations and app integrations. You'll lead exciting initiatives such as onboarding/offboarding automation, role-based access controls (RBAC), and integrating critical applications with Okta and other platforms like Workday. This is an opportunity to shape the future of our IAM strategy by streamlining processes, implementing innovative tools, and automating workflows. Be part of a collaborative team where your expertise will directly impact company growth and security. This role will operate out of our headquarters based in Carlsbad, California on a flexible hybrid work schedule.
Responsibilities
- Provide user account life cycle management, including creating, provisioning, securing, and inactivating access.
- Participate in projects and production support operations focused on implementing Identity and Access Management (IAM) integrations and Roles Based Access Control (RBAC) strategies and integrations.
- Manage directory account permissions via RBAC.
- Function as the subject matter expert for Identity Governance and RBAC.
- Manage daily operational activities for Active Directory (AD) and Okta.
- Reconcile discrepancies between access rights assigned and access rights required for users to perform job duties.
- Enforce organizational policies and procedures to ensure only authorized personnel can access information in compliance with the Minimum Necessary Rules.
- Perform AD Administration, including managing users, groups, computers, and GPOs.
- Integrate and onboard new applications behind Okta for SSO and provisioning.
- Meet with application owners to troubleshoot issues or define a standard solution.
- Assist as a resource in IAM project initiatives.
- Work across multiple team settings and collaborate in deploying IAM technologies and processes.
Requirements
- 3+ years of IAM experience
- Expert knowledge in core IAM Domains: Identity Governance and Administration, RBAC, x509, Kerberos, Privileged Access Management, Authentication, Authorization, Identity
- Expert knowledge of Okta Single Sign On, Multi-Factor Authentication and authenticators, Adaptive MFA, Universal Directory, API Access Management, application integration and configuration
- Expertise with various OAuth2 Flows supported in Okta, Custom Authorization Servers, SAML Federations, OpenID Connect, and SCIM integrations
- Advanced Okta infrastructure - including the use of expressions, Org2Org, several types of hooks, Okta Workflows, OIE, and Fastpass
- Ability to work across multiple team settings and collaborate in deploying IAM technologies and processes
- Scripting or programming languages - PowerShell experience
Nice-to-haves
- Certifications in Okta are a plus.
Benefits
- 401k
- health_insurance
- dental_insurance
- vision_insurance
- paid_holidays
- flexible_scheduling
- professional_development
- tuition_reimbursement
- employee_discount_programs
