Sr IAM Engineer (Okta)

We are looking for a Senior IAM Engineer to lead the migration from ForgeRock to Okta Workforce Identity Cloud and serve as the primary Okta resource for the organization. This person will own the end-to-end migration from a business process perspective — mapping identity workflows, user lifecycle management, access policies, and provisioning logic — while ensuring minimal disruption across approximately 13,000 employees spanning retail store locations, distribution centers, and corporate offices. Post-migration, this person will configure, maintain, and optimize the Okta environment as the hands-on IAM lead.

Key Responsibilities:
∙ Lead the ForgeRock-to-Okta migration with a focus on business process mapping, phased rollout planning, and change management across a distributed retail workforce
∙ Configure and maintain Okta Workforce Identity Cloud including user provisioning, application integrations, access policies, and lifecycle management
∙ Build and manage Okta Workflows to automate identity processes and reduce manual overhead
∙ Manage integration between Okta and Microsoft Entra ID as the current application environment, with potential future app migration planning
∙ Support provisioning and access management across a multi-location retail environment with varying access needs by role and location
∙ Serve as the primary Okta resource on the team — this role operates independently without a dedicated Okta development team
∙ Collaborate closely with IT, security, and business stakeholders to align IAM strategy with organizational needs

Pay Rate: $70-$75/hr

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

∙ 5–7 years of experience in IAM with Okta as the primary platform
∙ At least one full IDP-to-Okta migration (any identity provider — ForgeRock experience a plus)
∙ Migration experience should emphasize business process and planning over pure code — understanding how to transition identity workflows, communicate changes, and execute phased rollouts across a large workforce
∙ Strong experience with Okta Workforce Identity Cloud (not CIAM/Auth0)
∙ Hands-on experience with Okta Workflows
∙ Experience with Microsoft Entra ID integration
∙ Background in retail, multi-location, or distributed workforce environments strongly preferred
∙ Comfortable operating as the sole Okta specialist and working independently

∙ Workday integration experience
∙ Scripting skills (PowerShell, Python, or similar) — not the core of the role but should be technically capable of hands-on work when needed
∙ Okta certification
∙ Experience managing identity for high-turnover, frontline/store employee populations

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.