Senior IT Identity Engineer

EverOpsSan Francisco, CA
Remote
Match Resume

About The Position

Some of the world’s most innovative global enterprise software companies struggle to find technical delivery partners capable of matching their rigorous standards. These teams need a partner that can co-own complex problems from within their own IT environment. Enter EverOps - the premier Embedded Service Provider. We partner directly with customer IT teams to assess and address mission-critical delivery and infrastructure challenges. You’ll operate at the intersection of identity & access, and automation, building a scalable, zero-touch, identity-first IT platform. We’re hiring a Senior IT Identity Engineer with a deep mastery in identity platforms to lead a critical transformation of our identity environment. This role will modernize how we manage Identity, automate onboarding/offboarding, and secure access across the organization. As a Senior Identity & Access Engineer, you will join our U.S.-Based Virtual Operating Center, working within a dynamic team to own and evolve enterprise identity services across cloud and SaaS environments. Your primary mission will focus on modernizing identity architecture, maturing lifecycle automation, strengthening access controls, and integrating HR-driven identity workflows to improve security, scalability, and user experience. You will be expected to lead by example - architecting solutions within Okta, designing and building automated provisioning workflows tied to HR systems like Workday & Paylocity. You will drive identity as code using Terraform and GitHub-based operations, while mentoring peers and establishing best practices to ensure scalable, secure, and repeatable identity operations.

Requirements

  • 5+ years in Identity & Access Management (IAM) engineering
  • Familiarity with cloud IAM (Azure AD / Entra, AWS IAM, GCP IAM), legacy MS AD
  • Proven experience integrating HRIS platforms (Paylocity, Workday, ADP, etc.)
  • Deep understanding of identity lifecycle workflows (JML, RBAC, provisioning)
  • Experience with PAM (Tenable/CyberArk, BeyondTrust) for access management
  • Experience with Terraform (or equivalent IaC tools) in production environments
  • Experience using GitHub (or similar) for CI/CD and infrastructure automation
  • Strong scripting/automation skills (PowerShell, Python, or similar)
  • Experience working with APIs and system integrations
  • Strong experience with Okta (SSO, MFA, SCIM, lifecycle management)
  • Proven experience building onboarding/offboarding automation
  • Familiarity managing macOS and Windows environments
  • Strong understanding of: SAML / OIDC / SCIM
  • Strong understanding of: Conditional access / zero trust concepts

Nice To Haves

  • Okta device trust or device-based access controls
  • Experience with identity governance or access review tools
  • Apple Business Manager, Windows Autopilot
  • Slack / ITSM tools (e.g., Jira, ServiceNow, Freshservice)
  • Build and manage endpoint platforms: Jamf / Kandji (macOS)
  • Build and manage endpoint platforms: Microsoft Intune (Windows)
  • Familiarity with security frameworks (NIST, SOC2)
  • Incident Reponse / Forensics Awareness to assist with security-related investgations

Responsibilities

  • Lead implementation of Okta as the central identity platform (SSO, MFA, lifecycle management)
  • Reduce manual IT operations through automation
  • Build and manage identity infrastructure using Terraform (or equivalent IaC tools)
  • Develop reusable modules for Okta apps, groups, policies, and integrations
  • Implement version-controlled identity configurations with full auditability
  • Leverage GitHub (GitOps) for: Source control of identity configurations
  • Leverage GitHub (GitOps) for: Pull request-based change management
  • Leverage GitHub (GitOps) for: CI/CD pipelines (GitHub Actions) for identity deployments
  • Enforce approval workflows, testing, and promotion across environments (dev → prod)
  • Treat identity changes as code with full traceability and rollback capability
  • Design and automate onboarding/offboarding (JML) workflows with zero manual provisioning
  • Establish device trust and conditional access policies (identity + endpoint integration)
  • Automate workflows across HRIS, identity, and endpoint systems (APIs, scripting, Okta Workflows, Tines, or equivalent)
  • Fully automate onboarding/offboarding with clear workflow visibility
  • Provide 100% SSO coverage and MFA standardization
  • Administer device-based access controls (zero trust foundation)

Benefits

  • 100% Remote Workplace: We’ve been remote since Day 1!
  • Unlimited Paid Time Off.
  • Equity: Become a true owner of the company.
  • 401k with company contribution and sponsored healthcare.
  • Professional Growth: Access to training and certification programs to accelerate your career.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Senior

Education Level

No Education Listed

Number of Employees

1-10 employees

Job Search Resources

Similar Senior IT Identity Engineer job opportunities

Senior Identity Engineer
Major League Baseball
Major League Baseball • New York, NY4d • $140,000 - $175,000
Identity Engineer
UBERETHER INC
UBERETHER INC • Sterling, VA4d • $155,000 - $165,000 • Hybrid
Senior Identity Access Management Engineer
Roku
Roku • Boston, MA13d • Hybrid
🔥 New JobSenior Software Engineer, Identity & Access
Patreon
Patreon1d • Hybrid
Identity & Access Management Engineer, Senior
Freddie Mac
Freddie Mac • Dallas, TX4d
Senior IT Engineer
Serval
Serval • San Francisco, CA13d • Onsite
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service