Job Description:
Title: Senior IAM Engineer with Integration experience

Location: Phoenix AZ - Onsite only

M&A Integrations (Okta/SSO)


Key Responsibilities

M&A / Integration Delivery

  • Design and implement tenant-to-tenant federation (Okta/ADFS/IdP-initiated and SP-initiated) and progressive consolidation to a primary IdP (Okta).

  • Plan and execute SSO cutovers for top business applications; define rollback plans and success criteria.

  • Establish secure B2B/B2E access patterns for acquired entities (SAML 2.0, OAuth 2.0/OIDC, SCIM).

  • Orchestrate account migration strategies (just-in-time provisioning, SCIM, directory sync), and drive de-dupe/merge identity hygiene.

IAM Engineering & Operations

  • Configure and manage Okta (policies, routing rules, app integrations, Device Trust, MFA/Adaptive MFA, Groups, Lifecycle Management, Workflows).

  • Implement secure federation (SAML/OIDC), token policies, consent and scopes, and PKCE where applicable.

  • Integrate with Active Directory / LDAP, govern group design, and rationalize permissions to least privilege.

  • Define and enforce password vaulting patterns for non-federated apps and privileged identities (e.g., CyberArk/HashiCorp/1Password Enterprise).

  • Build and maintain access review, joiner/mover/leaver (JML) automation, and policy-as-code where feasible.

  • Partner with app owners to onboard applications to SSO/MFA and eliminate legacy/basic auth.

Required Qualifications

  • Hands-on expertise with Okta (tenant administration, federation, SSO/MFA, Lifecycle Management, Workflows, SCIM, device posture).

  • Strong working knowledge of SSO, federation, SAML 2.0, OAuth 2.0, OpenID Connect, SCIM, and secure token handling.

  • Proficiency with Active Directory (domain trusts, OU/group strategy, GPO basics, identity hygiene) and directory sync concepts.

  • Demonstrated M&A integration experience: discovery, Day 1 readiness, SSO cutover, identity consolidation, and decommissioning legacy IdPs.

  • Password vaulting/Privileged Access exposure (e.g., CyberArk, HashiCorp Vault, BeyondTrust, or enterprise password managers).

  • Applied least privilege and Zero Trust design; familiarity with NIST CSF, CIS Controls, or ISO 27001 principles.

  • Experience in AWS and/or GCP (federation, RBAC, service accounts, workload identity).

  • Strong verbal and written communication; ability to interface with execs, security, app owners, and engineers.

  • Scripting for automation (e.g., PowerShell, Python, Okta APIs/SDKs) and comfort with Git-based workflows.


Bharath Pammi
Delivery Lead

Avance Consulting |1170 Rt 22 | Bridgewater Suite#301 | New Jersey 08807|