Job#: 3032963

Job Description:

The Okta engineering operations lead is responsible for the day-to-day operational health and sustainment of the organization's Okta identity platform following production deployment by the engineering team. This role serves as the operational bridge between engineering delivery and the business, ensuring that Okta services remain stable, performant, and aligned with the end user and stakeholder needs on an ongoing basis. This includes ownership of the break/fix triage, service request fulfillment, access administration, incident response coordination, and operational monitoring across Okta managed services. 

As AI capabilities are introduced into the identity platform, this role will be responsible for monitoring the behavior of automated and adaptive controls in production, escalating anomalies to the engineering team, and ensuring operational runbooks keep pace with the platform evolution. 

Key Responsibilities

- Serve as the operational subject-matter expert across IAM services for both cloud and on-premises environments, including how the platforms integrate and impact end-to-end service delivery.

- Lead day-to-day operations for authentication and authorization services, ensuring availability, performance, stability, and a consistent user experience.

- Drive adoption of IAM reference architectures and operating standards by translating them into repeatable runbooks, procedures, and support models for existing and emerging IAM technologies.

- Champion practical, scalable operational solutions to complex, global IAM issues (e.g., onboarding/offboarding, access exceptions, federation failures, SSO outages, certificate expirations).

- Participate in IAM governance processes and ensure operational adherence to IAM standards, controls, and policy requirements.

- Build and maintain operational capabilities that support both near-term delivery and long-term sustainability (e.g., monitoring, alerting, incident response, capacity planning, patching/upgrade strategy).

- Create, maintain, and operationalize security policies, standards, and controls aligned with industry best practices and business needs—especially as cloud services and technologies are adopted.

- Represent Information Security on cross-functional project teams to ensure operational readiness (support model, SLAs/OLAs, documentation, monitoring, access controls) and compliance with existing security standards.

- Own the successful operational delivery of IAM services and security-related capabilities by partnering with business stakeholders, executives, engineering teams, and project teams; provide leadership through execution (this is not a project manager role).

- Manage and track IAM operational roadmaps (e.g., lifecycle management, decommissioning legacy platforms, resiliency improvements, automation backlog) and ensure they align to business priorities.

- Provide hands-on expertise for secure configuration, operational support, and troubleshooting of cross-organization identity integration and information-sharing implementations.

- Identify and remediate issues driven by process gaps, emerging threats, platform changes, or operational inefficiencies; drive continual service improvement and automation where feasible.

Analytical / Decision-Making Responsibilities

This role requires the ability to interpret IAM strategy and translate it into resilient, measurable, and supportable operations. The Ops Lead will make decisions that balance security, uptime, user experience, and delivery speed, and will influence the firm’s IAM direction through operational insights, risk identification, and recommendations for service improvements.

Knowledge, Skills, and Experience Requirements

- Strong background in information security fundamentals, with deep experience operating IAM services in enterprise environments.

- Experience supporting IAM implementations in Microsoft Azure and AWS (additional cloud providers a plus), including hybrid connectivity and integration to enterprise infrastructure.

- Working knowledge of IAM protocols and standards such as SAML, SCIM, OpenID Connect, OAuth (and familiarity with related standards such as XACML/SPML where applicable).

- Experience with IAM operations for directories, SSO, federation, delegated administration, API gateways, and service-to-service authentication patterns.

- Hands-on operational experience with Microsoft Entra ID (Azure AD), including tenant administration, integration patterns, troubleshooting, and operational best practices.

- Familiarity with federation technologies and concepts, including ADFS and Ping Identity (or comparable platforms).

- Experience with cloud security and governance tooling (e.g., CASBs and related controls) and server virtualization technologies as they relate to IAM service operations.

- Strong understanding of cloud delivery models (IaaS, PaaS, SaaS) and the operational and security implications for identity.

- Strong customer service orientation with excellent written and verbal communication skills; able to communicate incidents, risk, and remediation plans to both technical and non-technical stakeholders.

- Strong critical thinking, analytical skills, and ability to drive structured problem management (RCA, trend analysis, preventive controls).

- Ability to work independently with minimal supervision and lead through influence across multiple teams.

- Experience consulting with senior leaders and customer organizations on operational readiness, support models, and sustainable service practices.

- Scripting/automation familiarity (e.g., PowerShell, JavaScript, Python, etc.) to enable operational efficiency and reduce manual effort.

- Experience helping teams plan and implement complex solutions with an emphasis on operability (monitoring, alerting, runbooks, access models, and support transitions).

- Understanding of AI/ML-driven identity controls and adaptive access patterns, and how to support them operationally (e.g., signal quality, tuning, exception handling, and monitoring).

Education:

Bachelor’s or Master’s degree in Information Assurance, Computer Science, Information Systems or related field of study.

Experience:

8+ years of practical experience in the field of IT is required.  5+ years of direct Information Security experience.

Certification Preferences:

A security industry certification is preferred including but not limited to CISSP, SSCP, CISM, SANS GSEC, ECSA, ECSP, and Security+.

Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRateds Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.

Everforth Apex uses a virtual recruiter as part of the application process. Click here for more details. By applying for this job, you agree to receive calls, AI-generated calls, text messages, or emails from Everforth Apex and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy at https://www.apexsystems.com/privacy-policy

Everforth Apex Benefits Overview: Everforth Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Everforth Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Everforth Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our ‘Welcome Packet’ as well, which an Everforth Apex team member can provide.

Everforth Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Everforth Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.

If you require an accommodation under the Americans with Disabilities Act to participate in an interview with a virtual recruiter or to use our website for a search or application, please contact our Benefits Department at [email protected] or 804-523-8228. Please note that this contact information is strictly to be used for medical ADA accommodations and that no other inquiries will be answered.

UnitedHealthcare creates and publishes the Transparency in Coverage Machine-Readable Files on behalf of Everforth Apex Systems.