Okta Architect

Location: Washington, DC

Department: 56219066 - AFS Identity & Access Management

As an Okta Architect, you will play a key role in designing, implementing, and managing robust identity solutions for Workforce Identity and Customer Identity (CIAM) environments. This role requires expertise in authentication, authorization, and identity governance, with a focus on scalability, security, and compliance.

Key Responsibilities

• Architect, design and implement Okta Workforce Identity Cloud and Customer Identity solutions.
• Develop scalable identity workflows, lifecycle management, and governance processes.
• Create authentication and authorization strategies aligned with Zero Trust Architecture (ZTA) principles.
• Map Okta authentication policies to NIST SP 800-63 assurance levels and federal compliance requirements.
• Architect and implement SSO, MFA, and provisioning integrations across SaaS, cloud, and on-premises applications.
• Design and maintain SCIM integrations and API-based provisioning.
• Drive automation initiatives using Terraform and GitOps pipelines for efficient Okta configuration management.
• Implement advanced security measures, including phishing-resistant MFA (e.g., FIDO2, Okta FastPass) and passwordless authentication.
• Ensure compliance with federal security frameworks, including FedRAMP, FISMA, and other industry standards.
• Develop risk-based access policies, continuous authentication, and session management strategies.
• Serve as a subject matter expert (SME) for Okta and IAM best practices.
• Provide technical guidance to junior engineers and cross-functional teams.
• Collaborate with stakeholders to gather requirements and deliver secure identity solutions.
• Support audits, logging, monitoring, and compliance reporting using Okta System Logs and event data.

Basic Qualifications

• 5+ years designing and implementing Okta solutions in large-scale enterprise environments.
• Deep knowledge of authentication protocols (OAuth 2.0, OIDC, SAML 2.0, WS-Federation).
• Expertise in RBAC and ABAC models using Okta groups, attributes, and dynamic rules.
• Strong understanding of identity governance, lifecycle management, and security best practices.
• Experience with multi-cloud identity architecture and risk-based adaptive authentication. (AWS and/or Azure, GCP, OCI)
• Familiarity with IGA tools (e.g., SailPoint, Saviynt) and integration with Okta.
• Hands-on experience with CI/CD pipelines for IAM automation.
• Ability to design custom Okta integrations using SDKs and APIs. 
• Proficiency in implementing advanced passwordless strategies.

Preferred Skills

• Strong leadership in defining IAM strategies and modernization initiatives.
• Master’s degree in Information Systems, Computer Science, or equivalent experience.