CMS-Senior-Okta-SSO

• Oversee the day-to-day operations of Okta, ensuring high availability, performance, and security.
• Serve as the subject matter expert for Okta, providing guidance and mentorship to junior team members and stakeholders across the organization.
• Conduct in-depth analysis and troubleshooting of high-level Okta issues, ensuring minimal disruption to business operations.
• Manage incident response and resolution related to IAM issues, minimizing impact on business operations.
• Implement, and manage SSO integrations for various applications and systems
• Troubleshoot and resolve SSO & MFA related issues in a timely manner
• Monitor the performance of SSO & MFA systems
• Provide technical support and guidance to users regarding SSO processes
• Incident/Service Request intake and assignment to other teams if required
• Document SSO configurations, procedures, and changes
• Lead operational support tasks, including system monitoring, user provisioning, access reviews, and troubleshooting.
• Implement and maintain operational procedures and documentation for identity services, including disaster recovery plans.
• Collaborate with the IAM engineering team to transition new features and services into production, ensuring operational readiness.
• Provide expert guidance and support to the service desk and other IT teams regarding identity-related queries and issues.
• Conduct regular operational reviews and audits to identify and remediate potential security gaps or inefficiencies.
• Drive the automation and optimization of operational processes to enhance system reliability and reduce manual workload.
• Serve as a liaison between the IAM team and other business units, communicating operational status and coordinating on cross-functional initiatives.
• Mentor junior operations analysts and contribute to the development of training materials and best practices
• Ability to perform Root Cause Analysis and suggest solutions to avoid errors
• Work involves day to day health check, incident support (as per defined scope and levels), e-mail support, tool upgrades and monitoring of systems, reporting the status and working with development and QA teams to help them fix the issues.

• Extensive experience in IAM operations, with a strong focus on Microsoft Entra and related Microsoft identity solutions.
• Basic problem diagnosis, troubleshoot and remediation
• Must have at least 5 years of relevant experience on any SSO/MFA technologies and identity providers (Entra ID, Ping Federate, Ping ID, Okta, etc.)
• Have experience in installation, implementation, configuration, deployment & troubleshooting on SSO/MFA products
• Knowledge of federation protocols - SAML, OAuth & OpenID
• Ability to work on a variety of common technical aspects on Access Management Solution like Version/Patch upgrades, IDP configuration, Authentication Policies - Policies, Selectors, Policy Selectors& Sessions; Identity Profiles; Protocol Endpoints; OAuth Server - Scope Management, Client Registration Policies; Grant Mapping - IDP Adapter Mapping, Authentication Policy Contract Mapping, Resource Owner Credentials Mapping; Token Mapping - Access Token Management, Access Token Mapping, OpenID Connect Policy Management and application onboarding
• Strong communication and interpersonal abilities, with experience in stakeholder management.
• Relevant certifications such as Microsoft Certified: Identity and Access Administrator Associate, ITIL, or similar
• Proficiency with scripting and automation tools (e.g., PowerShell, Azure CLI) to streamline operational tasks.
• Experience with compliance and regulatory frameworks (e.g., GDPR, HIPAA, SOX).

• Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field.

• Willingness to travel as required
• Willingness to be on call support engineer and work occasional overtime as required
• Willingness to work in shifts as required

EY