Zencon Group
Position Overview
The Systems Architect is responsible for the implementation, configuration, and ongoing management of the Okta Identity and Access Management (IAM) platform. This role ensures the secure, scalable, and efficient adoption of Okta services, including Universal Directory, Single Sign-On (SSO), Adaptive Multi-Factor Authentication (MFA), Lifecycle Management (LCM), Role-Based Access Control (RBAC), Identity Governance (IG), and Privileged Access (PA).
The ideal candidate will bring deep technical expertise in Okta, proven experience architecting identity solutions in complex enterprise environments, and a strong understanding of IAM best practices.
Qualifications and Experience 10+ years of documented experience in Information Technology with a strong focus on Security and Identity and Access Management (IAM). Deep technical expertise in the Okta platform with advanced configuration and management experience. Proven ability to architect, implement, and optimize Okta solutions in enterprise environments. Experience integrating Okta with diverse applications, SaaS platforms, and security tools such as Zero Trust Network Access (ZTNA). Hands-on experience designing automated provisioning workflows and RBAC models. Strong background in access certifications for privileged roles, governance controls, and auditing. Experience implementing Privileged Access Management capabilities, including Just-In-Time (JIT) access and step-up authentication.
Skills and Competencies Communication Excellent verbal and written communication skills with ability to explain complex IAM concepts to both technical and non-technical audiences. Ability to document system configurations, integration processes, and architectural designs. Skilled in facilitating technical discussions, workshops, and training sessions. Proactive in knowledge sharing and status reporting, including risks and issues.
Technical Understanding Deep expertise in enterprise IAM platforms and protocols (SAML, OAuth 2.0, OIDC). Strong understanding of directory services (Active Directory, LDAP), authentication, authorization, and identity lifecycle processes. Hands-on knowledge of automation and scripting (PowerShell, Python). Experience with API integration and management, particularly with Okta APIs. Familiarity with network concepts (firewalls, proxies) as related to identity management.
Problem Solving & Analytical Skills Strong analytical skills for diagnosing and resolving IAM and integration issues. Ability to translate business requirements into secure and efficient identity policies. Proficiency in troubleshooting authentication, provisioning, and governance challenges. Ability to optimize identity systems for performance, scalability, and security.
Implementation & Design Leadership Experience guiding technical implementation of IAM solutions following architectural best practices. Skilled at designing scalable and secure identity solutions for enterprise environments. Provides mentorship and technical guidance to internal teams.
Teamwork Effective collaborator with IT, security, and business stakeholders. Serves as a technical liaison between teams. Facilitates workshops and promotes knowledge transfer on identity solutions.
Scope of Work The Systems Architect will work under the direction of the Office of Information Technology (Client) and collaborate with internal IT and security teams to ensure Okta implementation aligns with enterprise IAM standards. Responsibilities include:
1. Universal Directory (UD)
Configure Okta Universal Directory as the central identity source. Integrate with Active Directory, HR systems, and other authoritative sources. Design user schema and group structures. 2. Adaptive Multi-Factor Authentication (MFA)
Implement and configure adaptive MFA policies across all applications. Support user enrollment and provide troubleshooting. 3. Zero Trust Network Access (ZTNA) Integration
Collaborate with ZTNA teams to configure Okta for Zero Trust policies. Troubleshoot integration and maintain security alignment. 4. Lifecycle Management (LCM)
Implement automated provisioning/de-provisioning based on approval workflows. Configure application integrations for LCM. Maintain and optimize LCM processes. 5. Role-Based Access Control (RBAC)
Design and implement RBAC models. Assign roles and permissions based on least privilege principles. Conduct ongoing reviews and maintenance. 6. Identity Governance (IG)
Configure and execute access certifications for privileged roles. Generate audit logs and compliance reports. Implement governance and separation-of-duties (SoD) controls. 7. Privileged Access (PA)
Implement Just-In-Time (JIT) access, step-up authentication, and session monitoring. Document procedures and ensure compliance with security best practices. 8. Collaboration & Knowledge Transfer
Provide technical expertise on Okta and IAM best practices. Document configurations, processes, and integration strategies. Deliver knowledge transfer and training to Department staff. Education Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field. Equivalent experience may substitute on a year-for-year basis.
Qualifications and Experience 10+ years of documented experience in Information Technology with a strong focus on Security and Identity and Access Management (IAM). Deep technical expertise in the Okta platform with advanced configuration and management experience. Proven ability to architect, implement, and optimize Okta solutions in enterprise environments. Experience integrating Okta with diverse applications, SaaS platforms, and security tools such as Zero Trust Network Access (ZTNA). Hands-on experience designing automated provisioning workflows and RBAC models. Strong background in access certifications for privileged roles, governance controls, and auditing. Experience implementing Privileged Access Management capabilities, including Just-In-Time (JIT) access and step-up authentication.
Skills and Competencies Communication Excellent verbal and written communication skills with ability to explain complex IAM concepts to both technical and non-technical audiences. Ability to document system configurations, integration processes, and architectural designs. Skilled in facilitating technical discussions, workshops, and training sessions. Proactive in knowledge sharing and status reporting, including risks and issues.
Technical Understanding Deep expertise in enterprise IAM platforms and protocols (SAML, OAuth 2.0, OIDC). Strong understanding of directory services (Active Directory, LDAP), authentication, authorization, and identity lifecycle processes. Hands-on knowledge of automation and scripting (PowerShell, Python). Experience with API integration and management, particularly with Okta APIs. Familiarity with network concepts (firewalls, proxies) as related to identity management.
Problem Solving & Analytical Skills Strong analytical skills for diagnosing and resolving IAM and integration issues. Ability to translate business requirements into secure and efficient identity policies. Proficiency in troubleshooting authentication, provisioning, and governance challenges. Ability to optimize identity systems for performance, scalability, and security.
Implementation & Design Leadership Experience guiding technical implementation of IAM solutions following architectural best practices. Skilled at designing scalable and secure identity solutions for enterprise environments. Provides mentorship and technical guidance to internal teams.
Teamwork Effective collaborator with IT, security, and business stakeholders. Serves as a technical liaison between teams. Facilitates workshops and promotes knowledge transfer on identity solutions.
Scope of Work The Systems Architect will work under the direction of the Office of Information Technology (Client) and collaborate with internal IT and security teams to ensure Okta implementation aligns with enterprise IAM standards. Responsibilities include:
1. Universal Directory (UD)
Configure Okta Universal Directory as the central identity source. Integrate with Active Directory, HR systems, and other authoritative sources. Design user schema and group structures. 2. Adaptive Multi-Factor Authentication (MFA)
Implement and configure adaptive MFA policies across all applications. Support user enrollment and provide troubleshooting. 3. Zero Trust Network Access (ZTNA) Integration
Collaborate with ZTNA teams to configure Okta for Zero Trust policies. Troubleshoot integration and maintain security alignment. 4. Lifecycle Management (LCM)
Implement automated provisioning/de-provisioning based on approval workflows. Configure application integrations for LCM. Maintain and optimize LCM processes. 5. Role-Based Access Control (RBAC)
Design and implement RBAC models. Assign roles and permissions based on least privilege principles. Conduct ongoing reviews and maintenance. 6. Identity Governance (IG)
Configure and execute access certifications for privileged roles. Generate audit logs and compliance reports. Implement governance and separation-of-duties (SoD) controls. 7. Privileged Access (PA)
Implement Just-In-Time (JIT) access, step-up authentication, and session monitoring. Document procedures and ensure compliance with security best practices. 8. Collaboration & Knowledge Transfer
Provide technical expertise on Okta and IAM best practices. Document configurations, processes, and integration strategies. Deliver knowledge transfer and training to Department staff. Education Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or related field. Equivalent experience may substitute on a year-for-year basis.