Okta Engineer

Role Summary

Okta Engineer responsible for daily administration, configuration, and operation of Okta and related identity services within Moderna’s IAM program. Collaborates with a Senior Okta Engineer to implement secure authentication/authorization, maintain integrations, and improve automation in the IAM ecosystem.

Responsibilities

• Support the configuration and maintenance of SSO integrations (SAML, OIDC/OAuth 2.0) for internal and SaaS applications, collaborating with application owners and vendors to fulfill SSO requests and ensure secure, reliable integrations.
• Assist in managing MFA policies, authentication rules, and device assurance configurations in Okta.
• Maintain and troubleshoot SCIM integrations and lifecycle management workflows for automated provisioning and deprovisioning.
• Collaborate with the Senior Engineer to document configurations, integration details, and operational runbooks.
• Perform daily operational tasks, including managing and resolving tickets in the IAM ServiceNow queue, ensuring timely response and escalation when needed.
• Contribute to process improvement initiatives to enhance security, reliability, and efficiency within IAM operations.
• Support the administration of application authentication policies, ensuring alignment with Moderna’s access control standards.
• Partner with IAM and directory teams on synchronization and group management activities.
• Active Directory experience including object creation and management.
• Participate in troubleshooting authentication issues, gathering logs, and escalating complex issues to the Senior Engineer as needed.
• Gain exposure to Okta Workflows, Org2Org integrations, and commercial tenant management for external user access.
• Contribute to periodic audits, policy reviews, and security assessments to maintain compliance.

Qualifications

• Bachelor’s degree in Computer Science, Information Security, or related technical field, or equivalent experience.
• 4–6 years of experience in IT or cybersecurity, with at least 2–3 years in Okta Workforce Identity Cloud administration.
• Hands-on experience configuring and supporting SSO, MFA, and SCIM provisioning.
• Strong troubleshooting and analytical skills with attention to detail.
• Experience documenting processes and maintaining operational consistency in a security-focused environment.
• Experience managing or supporting ServiceNow tickets related to IAM or identity lifecycle operations.

Skills

• Ability to work collaboratively in a team environment and take direction from senior technical leads
• Familiarity with Okta Advanced Lifecycle Management, Okta Workflows, or API-based integrations.
• Experience managing custom claims and scopes using Okta Custom Authorization Servers, including defining access policies and testing API access tokens.
• Experience working with Okta Expression Language to create dynamic attributes, custom mappings, and conditional access logic across Okta profiles and applications.
• Experience with ServiceNow, including IAM request workflows or catalog item management, is a plus.
• Experience with Entra ID (Azure AD) for MFA or SSO configuration.
• Understanding of Zero Trust, least privilege, and access governance principles.
• Knowledge of cloud platforms (AWS, GCP, Azure) and how identity integrates within them.
• Okta certifications (Okta Certified Professional or Administrator) are strongly preferred.
• Familiarity or experience with GxP regulations and systems.
• Strong communication skills and a desire to learn from senior engineers and grow within the IAM domain.