Senior IAM Engineer
About The Position
Passionate about precision medicine and advancing the healthcare industry? Recent advancements in underlying technology have finally made it possible for AI to impact clinical care in a meaningful way. Tempus' proprietary platform connects an entire ecosystem of real-world evidence to deliver real-time, actionable insights to physicians, providing critical information about the right treatments for the right patients, at the right time. As a Senior IAM Engineer, you will be the primary architect and guardian of our identity perimeter. You will design, implement, and maintain scalable identity solutions that secure our workforce. Your focus will be on transitioning away from manual provisioning toward a fully automated "Identity-as-Code" model using Okta Workflows and API integrations.
Requirements
- Okta Mastery: 5+ years of experience managing Okta at an enterprise scale, including advanced Workflows and Okta Expression Language.
- Protocol Expertise: Deep understanding of the "Identity Trinity":SAML 2.0: XML-based assertions and troubleshooting.OIDC/OAuth 2.0: Scopes, claims, and grant types (Authorization Code vs. Client Credentials).SCIM: Automating user provisioning and deprovisioning.
- Directory Services: Strong background in Active Directory (Group Policy, Kerberos, DNS) and how it interfaces with modern cloud tenants.
- Programming/Scripting: Proficiency in Python, PowerShell, or JavaScript for interacting with APIs and automating repetitive tasks.
- Modern Security: Familiarity with Zero Trust Architecture (ZTA) and Least Privilege principles.
- Problem Solver: You don't just fix the symptom; you find the root cause in the protocol trace.
- Communicator: Ability to explain complex authentication flows to non-technical stakeholders (e.g., HR or Legal).
- Continuous Learner: The identity landscape shifts weekly; you enjoy staying ahead of new standards like FIDO2 or Passkeys.
Nice To Haves
- Okta Certified Professional/Administrator/Consultant.
- Experience with Infrastructure as Code (Terraform) for managing Okta resources.
- Experience with Privileged Access Management (PAM) tools.
- Experience with Identity Governance and Administration (IGA) tools.
Responsibilities
- Architectural Leadership: Design and scale our Okta tenant, ensuring high availability and global best practices for SAML, OIDC, and OAuth 2.0 integrations.
- Automation & Orchestration: Build complex lifecycle management (LCM) flows using Okta Workflows to automate joiner/mover/leaver processes across HRIS, AD, and downstream SaaS apps.
- Hybrid Identity Management: Manage and optimize the synchronization between Active Directory (AD) and cloud identity providers.
- API Integration: Develop custom integrations using REST APIs to connect homegrown or niche applications that lack out-of-the-box support.
- Security & Compliance: Implement Adaptive Multi-Factor Authentication (MFA), Passwordless strategies, and regular access certifications to meet SOC2/ISO 27001/SOX requirements.
- Escalation Support: Serve as the Tier 3 expert for complex authentication issues and identity-related security incidents.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
