Job Description Insight Global is seeking a seasoned IAM Security Engineer to lead the design and operation of enterprise identity systems for both workforce and third-party users, including contractors and subsidiaries. This role will elevate Okta as the central control plane for Zero Trust, deploying phishing-resistant authentication (FIDO2, passkeys, WebAuthn) to mitigate OTP fatigue and SIM-swap risks. The engineer will architect and manage Okta tenants, enforce policy-driven access (RBAC/ABAC), and implement robust JML automation using SCIM, APIs, and HRIS triggers to ensure SLA-based deprovisioning. They will integrate identity with Zscaler ZPA for segmentation, Delinea PAM for privileged access workflows, Venafi PKI for certificate lifecycle management, and CrowdStrike for device posture telemetry. The role includes defining secure contractor/BYOD access patterns, maintaining a unified identity data model, and partnering with CSIRT to codify threat detections and incident playbooks. Additionally, the engineer will lead M&A identity integrations, including directory consolidation and access mapping, while ensuring compliance with regulatory frameworks such as ISO 27001 and NIST 800-53. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/. Skills and Requirements • 6–10+ years in IAM engineering/architecture at large enterprise scale. • Deep Okta expertise (policies, Workflows, OIDC/SAML, SCIM, risk signals) and directory hygiene. • Strong background in Zero Trust, RBAC/ABAC design, and privileged access patterns (PAM integration). • Proven delivery of phishing-resistant authentication at scale and identity-centric incident response. • Familiarity with regulatory environments (ISO 27001, NIST 800-53/CSF, NYDFS) and evidence-ready control operation. • Experience with Zscaler ZPA segmentation design, Venafi automation, Grip/Obsidian identity-app mapping, and ServiceNow request workflows. • Exposure to FIDO2 authenticator management at scale (attestation, lifecycle, lost device playbooks).