Job Description

Specializing in the integration of Okta and Microsoft Entra ID with HR Information Systems (HRIS), with a particular emphasis on Workday. The ideal candidate will have deep expertise in cloud identity, lifecycle automation, and secure account provisioning, as well as a proven track record of delivering complex identity solutions in enterprise environments.

Key Responsibilities

• Design, implement, and support advanced identity architectures integrating Okta and Microsoft Entra ID with Workday and other HRIS platforms for automated user lifecycle management.
• Develop and maintain automated provisioning and deprovisioning workflows using SCIM, SAML, OAuth, and API integrations between Workday, Okta, Entra ID, and Active Directory.
• Define and implement attribute mapping, group management, and conditional access policies to ensure secure, compliant, and efficient identity flows.
• Lead the configuration of joiner, mover, and leaver policies, including pre-hire provisioning, role changes, and termination processes.
• Enforce security best practices for identity, access, and data protection, ensuring compliance with regulatory requirements (GDPR, CCPA, HIPAA, etc.).
• Leverage scripting, automation, and workflow tools (e.g., PowerShell, Python, Okta Workflows, Microsoft Graph) to streamline identity operations and integrations.
• Design and implement conditional access, device trust, and other security features in support of enrollment and management of mobile and desktop endpoints.
• Engage with clients’ HR, IT, and security teams to gather requirements, deliver workshops, and provide expert guidance on identity strategy and architecture.
• Lead integration, configuration, validation, and user acceptance testing (UAT) for identity flows, ensuring robust error handling and seamless user experience.

Skills and Qualifications

• 5-7 years of experience in enterprise identity and access management, with a focus on Okta, Microsoft Entra ID, and HRIS integration.
• Proven experience integrating Workday with Okta and/or Entra for automated account provisioning (previous Workday integration is required).
• Advanced ability to leverage scripting, automation, coding (e.g., PowerShell, Python), and workflow tools (Okta Workflows, Microsoft Graph).
• Strong understanding of SCIM, SAML, OAuth, and REST APIs for identity federation and provisioning.

• Experience designing and implementing best-in-class solutions, seeing projects and migrations through to completion.
• Experience delivering comprehensive technical documentation and knowledge transfer sessions to client and internal teams.

• Advanced knowledge of identity lifecycle automation, attribute mapping, and group management.
• Experience with HR-driven identity flows (Joiner-Mover-Leaver) and HRIS integration.
• Ability to develop solutions based on specific customer requirements and align technical solutions with business objectives.
• Strong customer service skills and consulting mindset.
• Familiarity with competing identity and device management products is a plus.
• Strong interpersonal and communication skills to understand client needs and provide tailored solutions.
• Experience in achieving appropriate balance between security, compliance, and user experience.

Location: Remote from anywhere

Work Hours: US Central time zone