IT Systems Engineer

About The Position

Requirements

• 3+ years of experience in Okta administration across SSO/SAML/OIDC, SCIM, group mapping, and policies, with a strong understanding of audit/SOX implications and documentation needs
• 5+ years of IT Support experience with escalation management and documentation
• Proven hands-on experience with iPaaS and automation platforms (Okta Workflows, Tray.io, Workato) to implement approval flows, listeners, and provisioning logic tied to event triggers
• Proficiency working with APIs and webhooks to integrate SaaS systems; ability to design workflows with retries and clear error handling paths
• Administration of SaaS apps like Google Workspace, Atlassian (Jira/Confluence), and Slack in an enterprise setting, aligned to identity governance and service management practices
• Clear stakeholder communication mindset and strong project management skills, helping align IT initiatives with business priorities and driving cross-functional impact
• Experience incorporating AI tools (e.g., LLMs like OpenAI, Agents) into everyday processes to improve operational efficiency, empowering you to drive meaningful innovation within the team
• Experience evolving self‑service models to improve user productivity while preserving scope boundaries
• Comfort implementing compliant exceptions when SSO is not supported by a vendor, using owner/service accounts with traceability in Okta logs and downstream automation

Nice To Haves

• Experience with Okta logging, SIEM monitoring tools (Splunk, etc.), and reporting
• Okta Certified Administrator or Okta Certified Professional/Consultant Certification
• Other IT certifications (Jamf, A+, Network+, Google IT Support, etc.)

Responsibilities

• Administer Okta by managing SSO/SAML/OIDC, SCIM provisioning, groups, policies, MFA, and app assignments with clear ownership and audit trails, ensuring security and efficiency that support organizational success
• Design and operate self-service access workflows through Okta Request conditions, including approval routing, compliance tracking, and Jira integration for visibility and auditability
• Build and maintain integrations across People (Workday), identity platforms (Okta), and SaaS applications (Google Workspace, Atlassian) using Okta Workflows, Tray.io, Workato, and API/webhook patterns to automate processes and increase efficiency
• Own end-to-end employee lifecycle automation (Joiner/Mover/Leaver), including provisioning, access grants, and deprovisioning workflows. Document recovery paths for exceptions and verify alignment with the downstream systems
• Implement secure workarounds for SaaS applications that don't support SSO, including service account management, credential governance, and automated deprovisioning
• Serve as the escalation point for complex support and/or access-related issues originating from Level 1/2 helpdesk teams
• Partner with Compliance and Company stakeholders on periodic UARs (access reviews), RBAC tuning, and audit support, using Request Conditions history and ticket linkages

Benefits

• Nextdoor employees can choose between a variety of health plans, including a 100% covered employee only plan option, and we also provide a OneMedical membership for concierge care.