HiringCafe
Posted 1mo ago

IAM Developer

@ Astreya
View All Jobs
Coimbatore, Tamil Nadu, India
OnsiteFull Time
Responsibilities:Administer IAM, Provision users, Audit logs
Requirements Summary:5+ years IAM experience with Google Workspace and Okta; SSO, MFA, GA, SCIM, SAML, OAuth/OIDC; global enterprise environment; 5k+ users.
Technical Tools Mentioned:Google Workspace, Okta, GAM, SAML 2.0, OAuth, OIDC, SCIM, MFA
Save
Mark Applied
Hide Job
Report & Hide
Job Description

Role Overview:

Thoughtworks is seeking an experienced(Minimum 5+ years) IAM Specialist with strong expertise in Google Workspace and Okta to support our User Identity services.

This role is responsible for the day-to-day management of identity and access across the Thoughtworks ecosystem, including user lifecycle management (Joiner–Mover–Leaver), access provisioning, SSO integrations, MFA policies, and Identity compliance.

The ideal candidate has hands-on experience operating Google Workspace and Okta in a global enterprise environment and can ensure stability, security, and smooth execution of IAM business-as-usual (BAU) activities.

This is a hands-on operational role focused on reliability, access governance, and maintaining a secure identity environment.

Key Responsibilities

1. Google Workspace Administration (Must Have)

  • Administer and optimize Google Workspace in a multi-OU enterprise environment
     

  • Manage user lifecycle (Joiner–Mover–Leaver) automation and provisioning workflows
     

  • Configure and maintain:
     

    • Admin roles & delegated access
       

    • Groups, Shared Drives, and Drive governance
       

    • Context-aware access and security settings
       

    • Gmail routing and domain configurations
       

  • Support investigations using audit logs and reporting tools
     

  • Work with GAM (Google Apps Manager) for bulk operations and automation

2. Okta Identity Management (Must Have)

  • Administer and optimize Okta for enterprise SSO and identity lifecycle
     

  • Manage SAML, OIDC, and SCIM integrations
     

  • Configure and maintain:
     

    • App provisioning and deprovisioning
       

    • MFA policies and sign-on policies
       

    • Lifecycle workflows
       

    • Group-based access controls
       

  • Support secure rollout initiatives (e.g., phishing-resistant MFA, device-bound authentication)
     

  • Troubleshoot federation and authentication issues across integrated systems


 

3. Identity Lifecycle & Access Governance

  • Drive JML process automation between HR systems, Okta, and Google Workspace
     

  • Ensure timely provisioning/deprovisioning and least-privilege enforcement
     

  • Handle IAM tickets and complex access issues
     

  • Partner with Infosec for compliance audits and access reviews
     

  • Maintain clean entitlement models and reduce over-provisioning

Tech Stack Requirements

Must Have

  • 5+ years of hands-on IAM experience
     

  • Deep administration experience in:
     

    • Google Workspace
       

    • Okta
       

  • Strong knowledge of:
     

    • SAML 2.0
       

    • OAuth / OIDC
       

    • SCIM provisioning
       

    • MFA & access policies
       

  • Experience managing identity in a global enterprise environment (5k+ users preferred)
     

Nice to Have

  • Experience with FastPass / passwordless authentication
     

  • Exposure to device trust / device context policies
     

  • Experience in IAM automation at scale
     

  • Knowledge of access governance best practices

Skills & Competencies

  • Strong troubleshooting mindset across identity flows
     

  • Ability to collaborate across Security, Data, and Infrastructure teams
     

  • Strong documentation and process design skills
     

  • Comfortable operating in a high-scale, multi-region enterprise
     

  • Ability to challenge insecure practices and drive improvement