IAM Engineer

  • Buenos Aires, Argentina
  • Full-Time
  • Remote

Job Description:

Job Title: Senior IAM Engineer (Okta to Microsoft Entra ID Migration)

Role Summary

We are looking for a Senior Identity & Access Management (IAM) Engineer to join an enterprise-level identity transformation project. This role is focused on designing, leading, and executing a large-scale migration strategy from Okta to Microsoft Entra ID (Azure Active Directory). The ideal candidate is a hands-on, detail-oriented professional capable of managing application integrations, provisioning workflows, and secure authentication protocols in a distributed enterprise environment.

Key Information:

  • Location: Remote – LATAM (Open to candidates in Argentina, Brazil, Chile, Colombia, Mexico, and Uruguay).
  • Engagement Type: Contractor / Full-Time.
  • Language Requirement: Advanced English (Fluent written and verbal communication for global stakeholder alignment).

Core Responsibilities

1. Migration Strategy & Architecture

  • Lead the technical end-to-end migration from Okta to Microsoft Entra ID / Azure AD.
  • Design the IAM migration architecture, core technical roadmap, and cutover strategy.
  • Assess, catalog, and document the existing estate of enterprise applications integrated with Okta.

2. Application Integration & SSO Configuration

  • Migrate and validate Single Sign-On (SSO) integrations for 100+ enterprise applications.
  • Configure, troubleshoot, and optimize core authentication and authorization protocols, including SAML 2.0, OIDC, SCIM, and JIT provisioning.
  • Implement and refine Conditional Access policies, group-based assignments, and enterprise application settings in Entra ID.

3. Identity Lifecycle & HR Inbound Provisioning

  • Manage, optimize, and support critical enterprise integrations with Workday as the central HR data source.
  • Configure automated provisioning and deprovisioning workflows to protect the identity lifecycle.

4. Automation, Governance & Support

  • Write and maintain custom deployment and automation scripts using PowerShell and/or Python.
  • Develop integrations and extract identity datasets using the Microsoft Graph API.
  • Perform advanced troubleshooting of complex IAM, SSO, access governance, and federation issues.
  • Author high-quality technical documentation, runbooks, and architectural diagrams.

Required Qualifications (Hard Skills)

  • Professional Journey: 5+ years of specialized experience in Identity & Access Management (IAM) engineering roles within enterprise-grade environments.
  • Platform Mastery: Proven hands-on experience administering and configuring Okta and Microsoft Entra ID / Azure Active Directory.
  • Protocol Expertise: Deep technical understanding of SAML 2.0, SCIM, OIDC, and Just-In-Time (JIT) provisioning.
  • HR Inbound Systems: Direct experience integrating IAM platforms with Workday for lifecycle management.
  • Scripting & APIs: Solid proficiency in automation scripting using PowerShell or Python, alongside practical experience querying the Microsoft Graph API.
  • Architecture Literacy: Comprehensive knowledge of identity federation, SSO patterns, access governance, and authentication flows.

Preferred Qualifications (Nice-to-Haves)

  • Direct experience leading or participating in large application portfolio migrations from Okta to Microsoft Entra ID.
  • Experience with identity governance, compliance frameworks, access reviews, or Privileged Access Management (PAM).
  • Recognized industry certifications from Microsoft (e.g., SC-300) or Okta (e.g., Okta Certified Professional/Consultant).

Key Skills & Tech Stack Summary

  • IAM Platforms: Microsoft Entra ID (Azure AD), Okta.
  • HRIS Systems: Workday Integration.
  • Protocols & Frameworks: SAML 2.0, SCIM, OIDC, JIT Provisioning, Identity Federation.
  • Security & Access Control: Conditional Access, SSO, Access Governance.
  • Automation & Development: PowerShell Scripting, Python, Microsoft Graph API.
  • Operations: Large-scale Migrations, Technical Documentation, Enterprise Troubleshooting.