Senior IT Identity Engineer

Some of the world’s most innovative global enterprise software companies struggle to find technical delivery partners capable of matching their rigorous standards. These teams need a partner that can co-own complex problems from within their own IT environment.

Enter EverOps - the premier Embedded Service Provider. We partner directly with customer IT teams to assess and address mission-critical delivery and infrastructure challenges.

You’ll operate at the intersection of identity & access, and automation, building a scalable, zero-touch, identity-first IT platform.

We’re hiring a Senior IT Identity Engineer with a deep mastery in identity platforms to lead a critical transformation of our identity environment. This role will modernize how we manage Identity, automate onboarding/offboarding, and secure access across the organization.

As a Senior Identity & Access Engineer, you will join our U.S.-Based Virtual Operating Center, working within a dynamic team to own and evolve enterprise identity services across cloud and SaaS environments. Your primary mission will focus on modernizing identity architecture, maturing lifecycle automation, strengthening access controls, and integrating HR-driven identity workflows to improve security, scalability, and user experience.

You will be expected to lead by example - architecting solutions within Okta, designing and building automated provisioning workflows tied to HR systems like Workday & Paylocity. You will drive identity as code using Terraform and GitHub-based operations, while mentoring peers and establishing best practices to ensure scalable, secure, and repeatable identity operations.

• Lead implementation of Okta as the central identity platform (SSO, MFA, lifecycle management)

• Reduce manual IT operations through automation

• Build and manage identity infrastructure using Terraform (or equivalent IaC tools)

• Develop reusable modules for Okta apps, groups, policies, and integrations

• Implement version-controlled identity configurations with full auditability

• Leverage GitHub (GitOps) for:

  • Source control of identity configurations

  • Pull request-based change management

  • CI/CD pipelines (GitHub Actions) for identity deployments

• Enforce approval workflows, testing, and promotion across environments (dev → prod)

• Treat identity changes as code with full traceability and rollback capability

• Design and automate onboarding/offboarding (JML) workflows with zero manual provisioning

• Establish device trust and conditional access policies (identity + endpoint integration)

• Automate workflows across HRIS, identity, and endpoint systems (APIs, scripting, Okta Workflows, Tines, or equivalent)

• Fully automate onboarding/offboarding with clear workflow visibility

• Provide 100% SSO coverage and MFA standardization

• Administer device-based access controls (zero trust foundation)

• 5+ years in Identity & Access Management (IAM) engineering

• Familiarity with cloud IAM (Azure AD / Entra, AWS IAM, GCP IAM), legacy MS AD

• Proven experience integrating HRIS platforms (Paylocity, Workday, ADP, etc.)

• Deep understanding of identity lifecycle workflows (JML, RBAC, provisioning)

• Experience with PAM (Tenable/CyberArk, BeyondTrust) for access management

• Experience with Terraform (or equivalent IaC tools) in production environments

• Experience using GitHub (or similar) for CI/CD and infrastructure automation

• Strong scripting/automation skills (PowerShell, Python, or similar)

• Experience working with APIs and system integrations

• Strong experience with Okta (SSO, MFA, SCIM, lifecycle management)

• Proven experience building onboarding/offboarding automation

• Familiarity managing macOS and Windows environments

• Strong understanding of:

  • SAML / OIDC / SCIM

  • Conditional access / zero trust concepts

• Okta device trust or device-based access controls

• Experience with identity governance or access review tools

• Apple Business Manager, Windows Autopilot

• Slack / ITSM tools (e.g., Jira, ServiceNow, Freshservice)

• Build and manage endpoint platforms:

  • Jamf / Kandji (macOS)

  • Microsoft Intune (Windows)

• Familiarity with security frameworks (NIST, SOC2)

• Incident Reponse / Forensics Awareness to assist with security-related investgations

• 100% Remote Workplace: We’ve been remote since Day 1!

• Unlimited Paid Time Off.

• Equity: Become a true owner of the company.

• 401k with company contribution and sponsored healthcare.

• Professional Growth: Access to training and certification programs to accelerate your career.