IAM Engineer

Job Description

Workplace Engineering Specialist (OKTA) – Lead the digital ecosystem enabling employees to work effectively anywhere in the world. You will be the technical expert on Okta, responsible for identity strategy, user lifecycle automation, and access security. The role reports to the Workplace Engineering Lead and focuses on designing, implementing, and managing secure identity and access solutions for new subsidiaries and environments while ensuring existing sites comply with IT standards.

Key Responsibilities

• Lead Okta Architecture & Identity Management: Drive design and implementation of Okta federation strategy (SAML, OIDC), advanced authentication policies (MFA, Adaptive MFA), and SCIM provisioning/deprovisioning. Build scalable identity lifecycle processes with Okta Workflows, Inline Hooks, and Event Hooks.
• Pioneer Cloud‑Native Identity: Drive decommissioning of on‑premises Active Directory and accelerate transition to a secure, modern, cloud‑only architecture.
• Strengthen Security and Governance: Define and enforce identity governance policies (OPA), manage non‑human and service accounts, and collaborate with Security/Platform teams to implement Zero Trust model and conditional access policies.
• Ensure Compliance and Excellence: Produce technical documentation for audits and compliance, and manage critical infrastructure components such as 802.1X radius.
• Enable Business and Growth: Act as Level 3 support for authentication and access issues, support business teams with seamless application integration via Okta SSO, and mentor teammates to elevate overall expertise.
• Contribute to Collaboration Ecosystem: Participate in administration and optimization of the Google Workspace environment, complementing core identity functions.

Qualifications

Essential Technical Skills

• Okta: Professional or Associate certification required; Administrator recommended.
• Mastery of fundamentals: Applications, Universal Directory, Groups, Policies, Flows.
• Protocols: SCIM 2.0, SAML 2.0, OAuth 2.0 / OIDC.
• Automation: Inline Hooks, Event Hooks, Okta Workflows.
• Cloud & SaaS: Google Workspace, Microsoft 365 / Entra ID AD, SharePoint.
• Scripting: PowerShell, Python, or JavaScript for automation.
• IaC: Terraform / IaC for managing Okta configurations (Okta provider).

Additional Skills Appreciated

• Fluency in French and English (other languages a plus).
• Experience with JumpCloud, Jamf Connect or equivalent MDM.
• Experience administering Google Workspace and Microsoft 365 environments.
• HashiCorp Vault for secrets management.
• DevOps / GitOps culture (Git, CI/CD).

Soft Skills

• Technical rigor and ability to produce high‑quality documentation.
• Autonomy and proactive approach in an international environment.
• Excellent interpersonal skills for working with multicultural teams and external partners.
• Pedagogical skills to support users and business teams, simplifying complex concepts.

Benefits

• Tailor‑made training and coaching program.
• Remote working policy.
• Wellness program "Pauses" with in‑house activities and animations.
• Digital mental health platform: access to a psychologist.
• Eco‑responsible company restaurant.
• Individual or family health insurance.
• CSE benefits.
• Rooftop access.
• Gym with free classes.

Additional Perks

• Employee volunteering initiative dedicated to DEI, wellbeing, and the planet.
• Sustainable mobility package – reimbursement up to €600 for public transport/low‑carbon options.
• 5 calendar days of second parent leave with 100% pay (in addition to legal paternity or adoption leave).

Equality, Diversity, and Inclusion

We are committed to having a workforce that is representative of the community it serves at all levels of the organisation. We welcome applications from all backgrounds and all sections of the community regardless of age, disability, gender, race, religion, and sexual orientation.