Senior Identity Engineer

About The Position

Requirements

• Strong experience with Okta is required, including Workflows, Lifecycle Management, Universal Directory, Adaptive MFA, and federation
• Bachelor’s or Master’s degree in Computer Science, Software Engineering, Cybersecurity, or a related field, or equivalent practical experience
• 5+ years of experience in identity engineering, security engineering, or software engineering
• Strong understanding of authentication, authorization, access control, federation, and applied cryptography
• Strong understanding of identity and security protocols and standards, including OAuth, OpenID Connect, SAML, SCIM, JWT, TLS, XML signing/encryption, and secure session management
• Experience building production-quality code and integrating with REST APIs, webhooks, event-driven systems, and identity-related data formats such as JSON and XML Fluency in one or more languages (e.g. Python, Go, Java, or TypeScript)
• Experience with Active Directory/Entra ID, cloud platforms (AWS/Azure/GCP), and engineering tooling such as Git, CI/CD, and Terraform

Nice To Haves

• Experience with Auth0 supporting customer identity, registration, login, account linking, and authorization use cases are a plus
• Relevant certifications from recognized organizations such as (ISC)², GIAC, CompTIA, ISACA, Okta, Auth0, or cloud providers (AWS, Azure, GCP) are a plus
• Ability to independently own and drive complex, high-impact initiatives to completion with sound judgment and accountability
• Strong written and verbal communication skills, with the ability to actively listen and convey technical concepts clearly to engineering, product, and leadership audiences

Responsibilities

• Design, implement, and maintain identity security controls across Okta and Auth0, including SSO, MFA, federation, lifecycle management, and policy-based access
• Engineer secure authentication and authorization patterns across SaaS, cloud, internal, and consumer-facing applications
• Build and maintain production-grade integrations, automation, and internal tooling using APIs, events, and workflow orchestration
• Lead complex identity integrations using SAML, OAuth 2.0, OpenID Connect, SCIM, JWT, and related standards
• Automate joiner-mover-leaver processes, provisioning and deprovisioning workflows, and entitlement management
• Design and automate management of non-human identities, including service accounts, machine identities, service-to-service access, and AI agent use cases
• Serve as a senior escalation point for complex identity incidents involving federation, account lifecycle, authorization failures, provisioning, and policy enforcement
• Support investigations and recovery efforts related to suspicious access patterns, authentication abuse, and identity-driven security events
• Integrate security into CI/CD pipelines and contribute to application and API security tooling
• Partner with Engineering, IT, Product, HR, and third-party vendors to embed identity controls into system design and operational processes
• Mentor engineers and contribute to standards, runbooks, architecture guidance, and peer reviews

Benefits

• Competitive Benefits Package
• Company 401K Contribution
• Paid Time Off and Holidays
• Paid Parental Leave
• Access to Free Tickets to Baseball Games & MLB.TV
• Discounts at MLB Store | MLBShop.com
• Employee Assistance Programs (EAP)
• Onsite/Online Training & Development Programs
• Tuition Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Pet Insurance