Customer Identity Engineer

Job Summary

We are hiring a mid-level Okta CIAM Engineer to design and deliver customer identity solutions on the Okta platform. The role will apply security best practices and improve reliability through automation and test-driven deployments. This hybrid position is based in London.

We are seeking a mid-level Okta Customer Identity (CIAM) Engineer to design, implement, and operate customer-facing identity capabilities using the Okta platform. The role is ideal for an engineer who can independently deliver well-scoped solutions, apply security best practices to customer authentication flows, and improve reliability through automation and testable deployments.

The CIAM Engineer will work closely with application teams, security, and governance partners to ensure customer identity experiences are secure, scalable, and compliant, supporting use cases such as registration, login, MFA, federation, M2M, and API access patterns.

• Administer and enhance Okta CIAM configurations including customer authentication policies, MFA enrollment, session management, and sign-on policies.
• Build, maintain, and optimize customer identity flows (e.g., login, registration, account recovery, step-up authentication) with attention to security and user experience.
• Implement and manage customer identity features such as custom claims, token/session behavior, and Authorization Server configurations where applicable.
• Monitor platform health and customer authentication signals; respond to incidents and trends impacting customer login success and security posture.

• Design and implement integrations with customer-facing applications using OIDC/OAuth 2.0 and SAML 2.0, including troubleshooting end-to-end auth flows.
• Partner with application teams to define requirements for claims, scopes, redirect URIs, logout behavior, and session controls.

• Build and maintain automation using Okta Workflows, event hooks/inline hooks (as applicable), and scripting to reduce manual operations and improve consistency.
• Improve operational readiness via runbooks, standardized onboarding of new apps, and reusable configuration patterns.

• Apply security best practices across customer identity including least privilege, secure token policies, MFA strategy, and strong auditability.
• Support compliance and audit evidence collection including configuration traceability, change history, logs, and documented controls.
• Maintain high-quality, versioned documentation including architecture notes, configuration standards, integration guides, and operational runbooks.
• Collaborate with security and governance teams to ensure identity designs align to enterprise policies and customer risk tolerances.

• Lead small-to-medium initiatives end-to-end: scoping, design, implementation, testing, and production rollout.
• Provide technical guidance to junior admins/engineers through reviews, pairing, and knowledge sharing.
• Contribute to reference architecture and platform standards including reusable patterns, best practices, guardrails, and design templates.

• Bachelor’s Degree and/or equivalent experience.
• Proven relevant engineering experience, including hands‑on with Okta in a customer identity context.
• Strong understanding of CIAM fundamentals including authentication flows, MFA enrollment, sessions, and secure customer login patterns.
• Hands‑on experience implementing and troubleshooting protocols such as OIDC, OAuth 2.0, and SAML 2.0.
• Strong troubleshooting, analytical, written, and verbal communication skills.

• Okta certification(s) such as Okta Certified Administrator or Professional is preferable.
• Experience with Authorization Servers, custom claims, token customization, and hooks.
• Experience integrating identity logs with monitoring or SIEM tools.
• Familiarity with security and compliance frameworks such as NIST, SOC 2, and HIPAA.
• Familiarity with ITSM tools and change management processes (e.g., Service Now, Jira).
• Experience managing identity configuration using tools like Terraform.
• Practical experience with automation and repeatability concepts.