Identity Security Engineer

RemoteFull-timePosted Jul 1, 2026
Apply

Company Name

ARS-Rescue Rooter

Overview

Role Summary

Builds and secures ARS identity services (Okta, Entra ID/AD, CyberArk). Implements SSO/MFA, Conditional Access, lifecycle automation, and privileged access controls for human and machine identities.

Responsibilities

Primary Responsibilities

  • Administer Okta and Entra ID/AD; implement SSO/MFA/Conditional Access and Harden admin tiers.
  • Design secure API authentication and lifecycle automation (onboarding/offboarding, SCIM/JIT).
  • Operate PIM/PAM for privileged identities—role design, approvals, JIT access, and session monitoring.
  • Integrate identity telemetry into SIEM/XDR; support access reviews and identity audits.
  • This position will participate in an on-call rotation.

 

Key Outcomes & KPIs

  • 100% MFA on privileged accounts; reduction in standing privilege; zero orphaned accounts.
  • Verified API auth patterns for key apps; documented Conditional Access coverage.

Qualifications

Required Qualifications

  • 5+ years in IAM; hands‑on with Okta/Entra; strong knowledge of OAuth/OIDC/SAML and SCIM provisioning.
  • Experience with PIM/PAM platforms and identity lifecycle automation.
  • AI Fluency: Demonstrated ability to leverage Claude or ChatGPT to continuously improve identity governance, access reviews, and policy automation.

 

Tools & Technologies

  • Okta, Microsoft Entra ID/AD, CyberArk, PIM/PAM tools, identity governance/reporting, SCIM/JIT integrations

 

Collaboration & Decision Rights

  • Partners with App/Infra teams on integrations; authority over identity policies and admin standards; consults with GRC on access governance and audit evidence.

 

ARS-Rescue Rooter is an Equal Opportunity Employer AA/EOE/M/F/V/D. In compliance with the Americans with Disabilities Act, ARS-Rescue Rooter may provide reasonable accommodations to qualified individuals with disabilities and encourages both prospective and current employees to discuss potential accommodations with the employer.

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free