Identity & Access Management (IAM) Engineer – Okta & Microsoft Entra

Cohesity is the leader in AI-powered data security. Over 13,600 enterprise customers, including over 85 of the Fortune 100 and nearly 70% of the Global 500, rely on Cohesity to strengthen their resilience while providing Gen AI insights into their vast amounts of data. Formed from the combination of Cohesity with Veritas’ enterprise data protection business, the company’s solutions secure and protect data on-premises, in the cloud, and at the edge. Backed by NVIDIA, IBM, HPE, Cisco, AWS, Google Cloud, and others, Cohesity is headquartered in Santa Clara, CA, with offices around the globe.We’ve been named a Leader by multiple analyst firms and have been globally recognized for Innovation, Product Strength, and Simplicity in Design , and our culture.Want to join the leader in AI-powered data security?We are seeking a highly experienced Identity & Access Management (IAM) Engineer with deep, hands‑on expertise in Okta, Microsoft Entra ID, and Microsoft 365. The role has a strong emphasis on Okta application onboarding, Okta Identity Governance (OIG), Okta Workflows automation, and Device Posture configuration.This role will act as a hands‑on technical owner of the identity platform, delivering secure, automated, and scalable identity solutions across SaaS, cloud, and on‑premises environments.HOW YOU'LL SPEND YOUR TIME HERE:Okta Platform Ownership (Primary Focus)Own and operate Okta Workforce Identity CloudDesign, implement, and maintain: Single Sign‑On (SSO), Multi‑Factor Authentication (MFA) and Adaptive and risk‑based access policiesManage Universal Directory, attribute mappings, and profile sourcesConfigure and maintain Okta agents (AD and LDAP)Application Onboarding (Mandatory)Hands‑on onboarding of applications into Okta is mandatoryLead end‑to‑end application integrations including: SAML 2.0 and OIDC / OAuth 2.0Work with application teams to: design secure authentication flows, define attribute mappings and claims, and validate access patterns and user experienceMaintain application standards and onboarding documentationIdentity Lifecycle & Automation (Core Requirement)Own Joiner‑Mover‑Leaver (JML) processes end‑to‑endExtensive hands‑on experience with Okta Workflows (mandatory)Build and maintain workflows for provisioning, de‑provisioning, and access changesIntegrate HR systems (e.g., Workday) and downstream applicationsImplement approvals, exception handling, and audit loggingImplement and manage SCIM‑based provisioningEnsure timely removal of access and least‑privilege enforcementOkta Identity Governance (OIG) – MandatoryImplement and operate Okta Identity Governance (OIG)Design and manage: Access request workflows, Approval chains and Entitlement managementSupport periodic access reviews and certificationsEnsure governance controls meet audit and compliance requirementsDevice Posture & Conditional Access (Mandatory)Design and implement Device Posture checks in OktaIntegrate device posture with: Adaptive access policies and MFA and conditional access rulesEnforce secure access based on: Device trust, Compliance posture and User contextCollaborate with endpoint and security teams to align posture policiesMicrosoft Entra ID & Microsoft 365Integrate Okta with Microsoft Entra ID (Azure AD) - Federation and identity scenarios and Alignment with Conditional AccessSupport and manage Microsoft 365 access via Okta - User lifecycle, Group‑based access and Role and Licence assignment modelsPartner with M365 teams to ensure consistent and secure access patternsDirectory Services (LDAP / Active Directory)Strong hands‑on experience with LDAP and Active DirectoryManage: Directory integrations with Okta, attribute mappings and sync rules and hybrid identity scenariosTroubleshoot authentication, sync, and agent‑related issuesSecurity, Compliance & OperationsEnforce Zero Trust identity principlesSupport audits and regulatory requirements (ISO 27001, SOC 2, GDPR)Monitor identity‑related security events and support incident responsePerform regular policy, access, and configuration reviewsDocumentation & CollaborationProduce high‑quality technical documentation and runbooksAct as a subject‑matter expert for IAM and OktaProvide third‑line support for identity‑related incidentsWork closely with Security, Cloud, Infrastructure, and Application teamsWE'D LOVE TO TALK TO YOU IF YOU HAVE MANY OF THE FOLLOWING:Mandatory Requirements (Non‑Negotiable)Strong, hands‑on Okta experience (5+ years preferred)Proven experience onboarding applications into OktaHands‑on Okta Workflows experience (mandatory)Experience with Okta Identity Governance (OIG)Experience configuring Device Posture in OktaStrong experience with Microsoft Entra ID (Azure AD)Experience supporting Microsoft 365Strong LDAP and Active Directory experienceDeep understanding of: SAML, OAuth 2.0, OpenID Connect and MFA and modern authentication patternsDesirable / Nice‑to‑HaveOkta certifications (Professional, Administrator, Consultant)Terraform or Infrastructure‑as‑Code for OktaExperience with PAM tools (Teleport, CyberArk, BeyondTrust)Experience in large, regulated, or enterprise environmentsSoft SkillsExcellent communication and stakeholder‑management skillsComfortable owning and driving identity platformsStrong security mindset and attention to detailAble to operate independently in complex environmentsData Privacy Notice for Job Candidates:For information on personal data processing, please see our Privacy Policy.Equal Employment Opportunity Employer (EEOE)Cohesity is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law.If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at 1-855-9COHESITY or talent@cohesity.com for assistance.In-Office ExpectationsCohesity employees who are within a reasonable commute (e.g. within a forty-five (45) minute average travel time) work out of our core offices 2-3 days a week of their choosing.Interested candidates based outside of the designated areas are welcome to apply, provided they have the right to work in the job location.