Pay Range: $75/hr - $80/hr
Job Description:
• The Senior Identity & Access Management (Okta) Solution Architect will lead end-to-end migration and architecture efforts from legacy access systems to modern identity platforms, with a focus on Okta.
• The role includes designing SSO and access-control solutions, defining role and access models, managing user migration, integrating Okta with internal and third-party systems, and delivering secure, compliant, scalable identity solutions.
• The architect will work closely with customers, security teams, product and engineering teams, and cross-functional stakeholders to translate requirements into robust technical architectures and reusable artifacts.
Requirement/Must Have:
• 10-15 years of proven experience in engineering and software architecture design, with demonstrable IAM solution delivery experience.
• Expert-level knowledge of Identity and Access Management concepts including SAML, OAuth2, OIDC, SSO, RBAC, LDAP, and Active Directory.
• Hands-on experience designing and implementing Okta integrations and migrations, including user migration strategies and role mapping.
• Strong experience with security architecture, web protocols (XML, SOAP, JSON, REST), and enterprise integration patterns.
• Proven ability to lead customer discovery workshops, define technical requirements, and produce architecture and migration roadmaps.
• Experience working in (Scaled) Agile / SAFe environments.
• Excellent written and oral communication skills and experience driving executive-level conversations.
Experience:
• Significant hands-on experience implementing SSO solutions and federated identity using SAML, OAuth2, and OIDC.
• Experience integrating Okta with internal applications and third-party SaaS systems.
• Experience designing and operationalizing role-based access policies and role-mapping strategies across diverse applications.
• Demonstrated experience creating reusable architecture artifacts, reference designs, and solution work products.
• Experience leading cross-functional delivery teams and collaborating with engineering, security, and support organizations.
• Consulting experience and experience delivering solutions to enterprise customers is preferred.
Responsibilities:
• Architect the end-to-end migration from SiteMinder (or other legacy IAM) to Okta, including user identity flows and access control models.
• Design and implement SSO solutions using SAML, OAuth2, and OIDC.
• Define and implement Role-Based Access Policies (RBAP) and role mapping strategies across applications.
• Lead planning and execution of user migration activities, ensuring data integrity and minimal disruption.
• Collaborate with application owners to integrate Okta with internal and third-party systems.
• Develop architecture diagrams, migration roadmaps, security models, and technical solution artifacts.
• Drive customer conversations to define requirements and overall technical architecture for identity and related data solutions.
• Review functional and technical requirements and participate actively in design discussions.
• Create reusable frameworks, reference architectures, and best-practice artifacts to accelerate future engagements.
• Work closely with Product Owners, Scrum Masters, senior business analysts, and other stakeholders within agile delivery teams.
• Lead interaction and collaboration with Okta engineering and support teams as needed to address escalations and influence product development.
• Provide mentoring and technical leadership to engineering teams and act as a point of escalation for complex issues.
• Ensure solutions adhere to enterprise security standards and regulatory requirements.
Should Have:
• Experience with employee identity use cases such as HR-driven identity, Active Directory integrations, and enterprise SSO for SaaS applications.
• Familiarity with cloud computing platforms and SaaS systems (AWS, Google Apps, Salesforce) and their identity integration points.
• Experience designing solutions for mission-critical programs and supporting large-scale migrations.
• Domain knowledge in healthcare is a plus.
Skills:
• Deep expertise: SAML, OAuth2, OIDC, SSO, RBAC, LDAP, Active Directory.
• Protocols and APIs: XML, SOAP, JSON, REST.
• Strong architectural skills and hands-on coding/refactoring experience in at least one language.
• Enterprise integration patterns, security- and performance-focused design.
• Experience with cloud platforms, SaaS application integrations, and enterprise web technologies.
• Ability to create clear architecture diagrams, migration roadmaps, and technical presentations.
• Strong facilitation, stakeholder management, and customer-facing skills.
Qualification And Education:
• Bachelor's degree in Computer Science, Engineering, or equivalent technical degree.
• Proven track record of large-scale identity and security architecture engagements.
• SAFe experience is mandatory.