HiringCafe
Posted 2d ago

Okta Customer Identity Engineer

@ Insulet
View All Jobs
United Kingdom
HybridFull Time
Responsibilities:Design CIAM, Integrate federation, Automate workflows
Requirements Summary:Bachelor’s degree or equivalent; CIAM/Okta experience; authentication flows, MFA, OIDC/OAuth2/SAML; strong troubleshooting and communication.
Technical Tools Mentioned:Okta, OIDC, OAuth 2.0, SAML 2.0, Terraform, Okta Workflows
Save
Mark Applied
Hide Job
Report & Hide
Job Description


Job Description

Position Summary  

We are seeking a mid-level Okta Customer Identity (CIAM) Engineer to design, implement, and operate customer-facing identity capabilities using the Okta platform. This role is ideal for an engineer who can independently deliver well-scoped solutions, apply security best practices to customer authentication flows, and improve reliability through automation and testable deployments.  

The CIAM Engineer will work closely with application teams, security, and governance partners to ensure customer identity experiences are secure, scalable, and compliant, supporting use cases such as registration, login, MFA, federation, M2M, and API access patterns.  

Key Responsibilities  

CIAM Platform Engineering & Operations  

  • Administer and enhance Okta CIAM configurations including customer authentication policies, MFA enrollment, session management, and sign-on policies.  

  • Build, maintain, and optimize customer identity flows (e.g., login, registration, account recovery, step-up authentication) with attention to security and user experience.  

  • Implement and manage customer identity features such as custom claims, token/session behavior, and Authorization Server configurations where applicable.  

  • Monitor platform health and customer authentication signals; respond to incidents and trends impacting customer login success and security posture.  

Integrations & Federation  

  • Design and implement integrations with customer-facing applications using OIDC/OAuth 2.0 and SAML 2.0, including troubleshooting end-to-end auth flows.  

  • Partner with application teams to define requirements for claims, scopes, redirect URIs, logout behavior, and session controls.  

Automation, Provisioning & Workflows  

  • Build and maintain automation using Okta Workflows, event hooks/inline hooks (as applicable), and scripting to reduce manual operations and improve consistency.  

  • Improve operational readiness via runbooks, standardized onboarding of new apps, and reusable configuration patterns.  

Security, Governance & Documentation  

  • Apply security best practices across customer identity including least privilege, secure token policies, MFA strategy, and strong auditability.  

  • Support compliance and audit evidence collection including configuration traceability, change history, logs, and documented controls.  

  • Maintain high-quality, versioned documentation including architecture notes, configuration standards, integration guides, and operational runbooks.  

  • Collaborate with security and governance teams to ensure identity designs align to enterprise policies and customer risk tolerances.  

Leadership & Standards 

  • Leads small-to-medium initiatives end-to-end: scoping, design, implementation, testing, and production rollout.  

  • Provides technical guidance to junior admins/engineers through reviews, pairing, and knowledge sharing.  

  • Contributes to reference architecture and platform standards including reusable patterns, best practices, guardrails, and design templates.  

Required Qualifications  

  • Bachelor’s Degree and/or equivalent combination of education and experience

  • Proven relevant engineering experience including combined with hands-on with Okta in a customer identity context.  

  • Strong understanding of CIAM fundamentals including authentication flows, MFA enrollment, sessions, and secure customer login patterns.  

  • Hands-on experience implementing and troubleshooting protocols such as OIDC, OAuth 2.0, and SAML 2.0.  

  • Strong troubleshooting, analytical, written, and verbal communication skills.  

Preferred Qualifications  

  • Okta certification(s) such as Okta Certified Administrator or Professional is preferrable.

  • Experience with Authorization Servers, custom claims, token customization, and hooks.  

  • Experience integrating identity logs with monitoring or SIEM tools.  

  • Familiarity with security and compliance frameworks such as NIST, SOC 2, and HIPAA.  

  • Familiarity with ITSM tools and change management processes (e.g., ServiceNow, Jira). 

  • Experience managing identity configuration using tools like Terraform. 

  • Practical experience with automation and repeatability concepts.  

Insulet Corporation (NASDAQ: PODD), headquartered in Massachusetts, is an innovative medical device company dedicated to simplifying life for people with diabetes and other conditions through its Omnipod product platform. The Omnipod Insulin Management System provides a unique alternative to traditional insulin delivery methods. With its simple, wearable design, the tubeless disposable Pod provides up to three days of non-stop insulin delivery, without the need to see or handle a needle. Insulet’s flagship innovation, the Omnipod 5 Automated Insulin Delivery System, integrates with a continuous glucose monitor to manage blood sugar with no multiple daily injections, zero fingersticks, and can be controlled by a compatible personal smartphone in the U.S. or by the Omnipod 5 Controller. Insulet also leverages the unique design of its Pod by tailoring its Omnipod technology platform for the delivery of non-insulin subcutaneous drugs across other therapeutic areas. For more information, please visit insulet.com and omnipod.com.

We are looking for highly motivated, performance-driven individuals to be a part of our expanding team. We do this by hiring amazing people guided by shared values who exceed customer expectations. Our continued success depends on it!

Please read our Privacy Notice to learn how Insulet handles your personal information when you apply for a vacancy with us here.