Identity Solutions Architect

OktaChicago, WA
Hybrid

About The Position

Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organizations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence. This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk. The Identity team's mission is to secure the world's identity connections while building the foundational trust layer for the modern enterprise. As organizations successfully adopt phishing-resistant MFA, attackers have shifted their tactics—increasingly deploying Adversary-in-the-Middle (AiTM) phishing kits and info-stealer malware to execute session hijacking via cookie theft. Furthermore, with the explosive rise of autonomous AI workloads, securing human identity is no longer enough; we must now protect and govern a fast-growing sprawl of non-human, agentic workflows. We are looking for a highly mature, technically elite, and customer-obsessed Identity Solutions Architect to drive the technical execution of our Identity Security & Agentic Identity portfolio. In this role, you will be a cornerstone of the "Okta on Okta" team, acting as Customer Zero. Reporting directly to the VP of IAM, you will work hand-in-hand with our Principal Product Manager. While the PM shapes the portfolio strategy, you will own the technical architecture, internal deployment blueprints, and the public stage. You will shepherd cutting-edge features from Alpha through Early Availability (EA)—guaranteeing we are our own first and best customer before these solutions scale to the rest of the world. As the technical face of Okta’s Customer Zero team, you will have unique, high-impact opportunities to collaborate closely with strategic engineering and identity infrastructure teams at major enterprise tech companies, leading cloud service providers, and top-tier security vendors.

Requirements

  • 8+ years of overall IT/software development and technical architecture experience, with 3+ years specifically focused on IAM/Security Architecture.
  • Proven track record of securing non-human identities (NHIs) or machine-to-machine infrastructure in production.
  • Deep, hands-on knowledge of core protocols: OAuth2/OIDC (especially Token Exchange), SAML, mTLS, JWT, and Model Context Protocol (MCP).
  • Strong technical understanding of modern identity threat vectors (AiTM phishing, info-stealer malware, session hijacking).
  • Ability to author clear Architecture Decision Records (ADRs) and confidently influence at the VP/CTO level, serving as a true peer to product management and product engineering.
  • Elite verbal and written communication skills.
  • Ability to translate deep, ambiguous technical architecture into compelling business value for C-suite executives and excel in front of a camera or a live audience.

Nice To Haves

  • Architecting how Okta governs non-human, autonomous AI workloads across O4AA (Okta for AI Agents) and A4AA (Auth0 for AI Agents), defining secure authentication and authorization patterns.
  • Designing token exchange patterns, security gateways, and implementing the Model Context Protocol (MCP) to secure agent-to-data interactions.
  • Designing Okta’s defense against session cookie thievery by leveraging cryptographically hardware-bound tokens (Okta DBSSO and Chrome DBSC).
  • Deploying Identity Threat Protection (ITP) for continuous risk evaluation and Identity Security Posture Management (ISPM) to eliminate hidden vulnerabilities across human and machine identities.

Responsibilities

  • Act as the lead architect testing and deploying Alpha identity security features within Okta’s internal IAM environment.
  • Author the technical rollout blueprints and provide the core engineering teams with critical feedback.
  • Design the internal implementation blueprint for how Okta DBSSO and Chrome DBSC complement one another, creating an ironclad, layered defense that protects corporate endpoints from token and cookie exfiltration.
  • Lead the technical effort to open-source the complimentary tools our Customer Zero team builds, transitioning our internal innovations into a massive, thriving community effort with our customers.
  • Help lead a dedicated "how-to" video series and a potential podcast this year, and take the stage at major events to share our internal playbook.
  • Define how Okta identity is woven into modern orchestration layers (LangChain/Graph, n8n, AWS AgentCore, Google Vertex ADK) and model providers (Azure Foundry, AWS Bedrock, OpenAI, Anthropic).

Benefits

  • health, dental and vision insurance
  • 401(k)
  • flexible spending account
  • paid leave (including PTO and parental leave)
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service