As a Zendesk Identity Access Management (IAM) Engineer you will be responsible for designing, configuration, testing, implementation, and maintaining systems and solutions that control access to the organization's resources, sensitive information, and data.
The primary goal of this role is to ensure that only authorized individuals have access to these resources, while preventing unauthorized users from gaining entry.
What you get to do every day as an IAM Engineer
Day to day management and monitoring of Identity management tools and Public Cloud tooling (e.g., MFA, Security Token, OAUTH, AWS, Okta, Atlassian, and BigFix) and maintains appropriate configurations and access policies.
Direct experience administering IAM related SaaS applications.
Review and lead the gathering of business, functional and technical requirements for establishing an Okta Identity platform.
Review updates and new features of Okta and make recommendations for implementation to the environment.
Defines and enforces business process strategy, entitlement and access management
Manages app integration requests including SSO and User Lifecycle Management
Manages IDM environment including all related processes, Access Groups, Service accounts, Sandbox access, API configuration.
Proactively identify & resolve IAM lifecycle management related issues
Work with stakeholders and other team members to clarify business requirements, remove roadblocks and gain alignment while adhering to internal governance processes while.
Works with business partners to gather information and requirements.
Defines Scope, and works to identify potential issues / limitations capabilities, recommends solutions and drives work to completion
Maintains and reviews existing processes.
Works to continuously update and improve end to end processes.
Maintains and reviews IAM documentation ensuring all documentation is kept up to date with current Zendesk IAM policies and procedures.
Translates requests from Business partners into Jira Stories and Epics
What you bring to the role:
1-3 years experience in an IT Operations role or educational equivalent; ideally in CS/IS or holds Bachelor's degree.
Strong understanding of day to day management of Okta for group and user management, app provisioning tasks, app intake and deprecation, etc.
Working knowledge of all main areas of the Okta product including Identity Engine, Universal Directory, and Adaptive MFA.
Working knowledge of Cloud Authentication and Access management Services.
Possess a solid understanding of identity management and security policy concepts, protocols, and best practices
Direct experience administering IAM related SaaS applications.
Hands-on experience integrating applications with Okta SSO (SAML, OIDC, SWA, Etc.)
Able to effectively present SSO concepts to stakeholders with various levels of technical understanding
Working knowledge of Okta Workflows and high level programming concepts is a plus.
Works well across geographies/timezones as a member of a global organization.
Availability during normal business hours with flexibility based on business requirements, must be able to travel 10% of the time
Value & Organizational Skills
Excellent verbal and written communication skills
Passion for continuous learning and professional growth.
Able to make difficult and quick decisions daily with limited supervision and often with competing priorities and varying degrees of urgency.
Possess a passion for continuous learning and professional growth.
Recognizes and adjusts communication style to account for a diverse global workplace.
Highly developed negotiation, facilitation and consensus building skills.
Preferred
Okta Certified Administrator or higher
#LI-MR7
Please note that anyone hired into this position must be physically located in and plan to work from Mexico City (CDMX) or Mexico State (Estado de Mexico).
Hybrid: In this role, our hybrid experience is designed at the team level to give you a rich onsite experience packed with connection, collaboration, learning, and celebration - while also giving you flexibility to work remotely for part of the week.
This role must attend our local office for part of the week.
The specific in-office schedule is to be determined by the hiring manager.