Identity & Access Management (IAM) Engineer – Okta & Microsoft Entra

Cohesity is the leader in AI-powered data security. Over 13600 enterprise customers including over 85 of the Fortune 100 and nearly 70% of the Global 500 rely on Cohesity to strengthen their resilience while providing Gen AI insights into their vast amounts of data. Formed from the combination of Cohesity with Veritas enterprise data protection business the companys solutions secure and protect data on-premises in the cloud and at the edge. Backed by NVIDIA IBM HPE Cisco AWS Google Cloud and others Cohesity is headquartered in Santa Clara CA with offices around the globe.

Weve been named a Leader by multiple analyst firms and have been globally recognized for Innovation Product Strength and Simplicity in Design and our culture.

Want to join the leader in AI-powered data security

We are seeking a highly experienced Identity & Access Management (IAM) Engineer with deep handson expertise in Okta Microsoft Entra ID and Microsoft 365. The role has a strong emphasis on Okta application onboarding Okta Identity Governance (OIG) Okta Workflows automation and Device Posture configuration.

This role will act as a handson technical owner of the identity platform delivering secure automated and scalable identity solutions across SaaS cloud and onpremises environments.

HOW YOULL SPEND YOUR TIME HERE

Okta Platform Ownership (Primary Focus)

• Own and operate Okta Workforce Identity Cloud

• Design implement and maintain:

  • Single SignOn (SSO)

  • MultiFactor Authentication (MFA)

  • Adaptive and riskbased access policies

• Manage Universal Directory attribute mappings and profile sources

• Configure and maintain Okta agents (AD and LDAP)

Application Onboarding (Mandatory)

• Handson onboarding of applications into Okta is mandatory

• Lead endtoend application integrations including:

  • SAML 2.0

  • OIDC / OAuth 2.0

• Work with application teams to:

  • Design secure authentication flows

  • Define attribute mappings and claims

  • Validate access patterns and user experience

• Maintain application standards and onboarding documentation

Identity Lifecycle & Automation (Core Requirement)

• Own JoinerMoverLeaver (JML) processes endtoend

• Extensive handson experience with Okta Workflows (mandatory)

  • Build and maintain workflows for provisioning deprovisioning and access changes

  • Integrate HR systems (e.g. Workday) and downstream applications

  • Implement approvals exception handling and audit logging

• Implement and manage SCIMbased provisioning

• Ensure timely removal of access and leastprivilege enforcement

Okta Identity Governance (OIG) Mandatory

• Implement and operate Okta Identity Governance (OIG)

• Design and manage:

  • Access request workflows

  • Approval chains

  • Entitlement management

• Support periodic access reviews and certifications

• Ensure governance controls meet audit and compliance requirements

Device Posture & Conditional Access (Mandatory)

• Design and implement Device Posture checks in Okta

• Integrate device posture with:

  • Adaptive access policies

  • MFA and conditional access rules

• Enforce secure access based on:

  • Device trust

  • Compliance posture

  • User context

• Collaborate with endpoint and security teams to align posture policies

Microsoft Entra ID & Microsoft 365

• Integrate Okta with Microsoft Entra ID (Azure AD)

  • Federation and identity scenarios

  • Alignment with Conditional Access

• Support and manage Microsoft 365 access via Okta

  • User lifecycle

  • Groupbased access

  • Role and licence assignment models

• Partner with M365 teams to ensure consistent and secure access patterns

Directory Services (LDAP / Active Directory)

• Strong handson experience with LDAP and Active Directory

• Manage:

  • Directory integrations with Okta

  • Attribute mappings and sync rules

  • Hybrid identity scenarios

• Troubleshoot authentication sync and agentrelated issues

Security Compliance & Operations

• Enforce Zero Trust identity principles

• Support audits and regulatory requirements (ISO 27001 SOC 2 GDPR)

• Monitor identityrelated security events and support incident response

• Perform regular policy access and configuration reviews

Documentation & Collaboration

• Produce highquality technical documentation and runbooks

• Act as a subjectmatter expert for IAM and Okta

• Provide thirdline support for identityrelated incidents

• Work closely with Security Cloud Infrastructure and Application teams

Wed Love talking to you if you have many of the following

• Strong handson Okta experience (5 years preferred)

• Proven experience onboarding applications into Okta

• Handson Okta Workflows experience (mandatory)

• Experience with Okta Identity Governance (OIG)

• Experience configuring Device Posture in Okta

• Strong experience with Microsoft Entra ID (Azure AD)

• Experience supporting Microsoft 365

• Demonstrated experience leveraging AI tools to streamline workflows enhance productivity and support high-quality decision-making.

• Strong LDAP and Active Directory experience

• Deep understanding of:

  • SAML OAuth 2.0 OpenID Connect

  • MFA and modern authentication patterns

Desirable / NicetoHave

• Okta certifications (Professional Administrator Consultant)

• Terraform or InfrastructureasCode for Okta

• Experience with PAM tools (Teleport CyberArk BeyondTrust)

• Experience in large regulated or enterprise environments

Soft Skills

• Excellent communication and stakeholdermanagement skills

• Comfortable owning and driving identity platforms

• Strong security mindset and attention to detail

• Able to operate independently in complex environments

Data Privacy Notice for Job Candidates:

For information on personal data processing please see our .

Equal Employment Opportunity Employer (EEOE)

Cohesity is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race color creed religion sex sexual orientation national origin or nationality ancestry age disability gender identity or expression marital status veteran status or any other category protected by law.

If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process or are limited in the ability or unable to access or use this online application process and need an alternative method for applying you may contact us atCOHESITY or for assistance.

In-Office Expectations

Cohesity employees who are within a reasonable commute (e.g. within a forty-five (45) minute average travel time) work out of our core offices 2-3 days a week of their choosing.

Interested candidates based outside of the designated areas are welcome to apply provided they have the right to work in the job location.