Company Name
ARS-Rescue RooterOverview
Role Summary
Builds and secures ARS identity services (Okta, Entra ID/AD, CyberArk). Implements SSO/MFA, Conditional Access, lifecycle automation, and privileged access controls for human and machine identities.
Responsibilities
Primary Responsibilities
- Administer Okta and Entra ID/AD; implement SSO/MFA/Conditional Access and Harden admin tiers.
- Design secure API authentication and lifecycle automation (onboarding/offboarding, SCIM/JIT).
- Operate PIM/PAM for privileged identities—role design, approvals, JIT access, and session monitoring.
- Integrate identity telemetry into SIEM/XDR; support access reviews and identity audits.
- This position will participate in an on-call rotation.
Key Outcomes & KPIs
- 100% MFA on privileged accounts; reduction in standing privilege; zero orphaned accounts.
- Verified API auth patterns for key apps; documented Conditional Access coverage.
Qualifications
Required Qualifications
- 5+ years in IAM; hands‑on with Okta/Entra; strong knowledge of OAuth/OIDC/SAML and SCIM provisioning.
- Experience with PIM/PAM platforms and identity lifecycle automation.
- AI Fluency: Demonstrated ability to leverage Claude or ChatGPT to continuously improve identity governance, access reviews, and policy automation.
Tools & Technologies
- Okta, Microsoft Entra ID/AD, CyberArk, PIM/PAM tools, identity governance/reporting, SCIM/JIT integrations
Collaboration & Decision Rights
- Partners with App/Infra teams on integrations; authority over identity policies and admin standards; consults with GRC on access governance and audit evidence.
ARS-Rescue Rooter is an Equal Opportunity Employer AA/EOE/M/F/V/D. In compliance with the Americans with Disabilities Act, ARS-Rescue Rooter may provide reasonable accommodations to qualified individuals with disabilities and encourages both prospective and current employees to discuss potential accommodations with the employer.