Senior IAM Engineer (Okta)

Why Join Exadel We’re an AI-first global tech company with 25+ years of engineering leadership, 2,000+ team members, and 500+ active projects powering Fortune 500 clients, including HBO, Microsoft, Google, and Starbucks. From AI platforms to digital transformation, we partner with enterprise leaders to build what’s next. What powers it all? Our people are ambitious, collaborative, and constantly evolving. About the Client The leading provider of vehicle lifecycle solutions, with headquarters in Chicago, enables the companies that build, insure, and replace vehicles to power the next generation of transportation. Its platform delivers advanced mobile, artificial intelligence, and car technologies. It connects a network of 350+ insurance companies, 24,000+ repair facilities, hundreds of parts suppliers, and dozens of third-party data and service providers. The customer's collective solutions enhance productivity and help clients deliver better experiences for end consumers. What You’ll Do Maintain and improve our identity-server — a Python/FastAPI service that handles Okta SSO authentication, JWT token signing, RBAC via Okta groups, and user redirect routing Configure and manage Okta across SSO (SAML/OIDC), SCIM provisioning, MFA/Adaptive Auth, Workflows, and Lifecycle Management Support multi-IDP federation — connecting external identity providers into our Okta tenant Fix user provisioning and deprovisioning delays, automate manual access management workflows Address security gaps in access controls and conduct access reviews Maintain and extend CLI tooling for Okta user management (user search, group management, bulk assignment, role migration) What You Bring 5+ years of experience in identity and access management engineering Deep Okta expertise - both admin console configuration and programmatic integration via Okta APIs/SDKs Hands-on experience with SSO protocols (SAML 2.0, OIDC/OAuth 2.0) and federation architectures Production experience with Python (FastAPI, Flask, or Django) for building identity/auth services (other language is also acceptable) Working knowledge of Terraform for managing IAM infrastructure as code Experience with SCIM provisioning for automated user lifecycle management Comfortable working independently as the sole IAM owner - you define problems and drive solutions without hand-holding Familiarity with SOC 2 and/or HIPAA compliance requirements as they relate to access controls English level Intermediate+ Legal & Hiring Information Exadel is proud to be an Equal Opportunity Employer committed to inclusion across minority, gender identity, sexual orientation, disability, age, and more Reasonable accommodations are available to enable individuals with disabilities to perform essential functions Please note: this job description is not exhaustive. Duties and responsibilities may evolve based on business needs Your Benefits at Exadel Exadel benefits vary by location and contract type. Your recruiter will fill you in on the details. International projects In-office, hybrid, or remote flexibility Medical healthcare Recognition program Ongoing learning & reimbursement Well-being program Team events & local benefits Sports compensation Referral bonuses Top-tier equipment provision Exadel Culture We lead with trust, respect, and purpose. We believe in open dialogue, creative freedom, and mentorship that helps you grow, lead, and make a real difference. Ours is a culture where ideas are challenged, voices are heard, and your impact matters. Apply To This Job