System Engineer

• Competitive salary and employee benefit package
• Strong learning culture
• Growth perspectives
• 6% 401K match
• 20 days of PTO and 2 Floating Days
• Paid parental leave
• An opportunity to love what you do

• Proven expert knowledge of Azure Entra ID capabilities such as Conditional Access Policies, Privileged Identity Manager and Application Registrations
• Strong understanding of PIM and the assignment of roles / IAM permissions on Management Groups, Subscriptions and Resources
• Azure Infrastructure Management to include user accounts, groups, conditional policies, Intune management, mobile device management, and endpoint security
• Strong understanding of App registration, Enterprise Apps, SPN’s and managed identities with the understanding of least privileged administration when it comes to MS Graph API allocation of permissions
• Strong understanding of multifactor authentication, SSPR and WHfB
• Strong PowerShell scripting Skills, automation, and scheduling skills when working with data in Azure
• Good understanding of Intune polices management and autopilot
• An individual that stays abreast of the latest Entra ID features, best practices, and security trends, and make recommendations for continuous improvement

• Strong background in Active Directory covering domains than span geo locations with numerous DC`s and AD sites and a user based of 5000+

• Strong understanding of DNS and GPO`s, user object and OU administration

• Solid understanding of Microsoft Tiering, IAM, and PAM concepts

• Strong knowledge of server operating systems from Windows 2016 to Windows 2025

• Strong understanding of the FSMO roles when it comes to maintaining the security and the integrity of the domain
• Strong understanding of the delegation of permissions across the domain OU structure

• Strong PowerShell scripting skills, automation, and scheduling skills
• Solid understanding of the recovery steps needed to recover a domain in the event of a disaster

• Able to demonstrate a strong understanding of IAM concepts, including identity federation, SSO, SAML, OAuth, OIDC, MFA, role-based access control (RBAC), and least privilege principles
• Able to provide Okta subject matter expertise to a variety of program stakeholders on application integration, IAM functionality, and Okta’s feature roadmap
• Capable of designing and implementing Okta platform configurations to align with overall solution architecture and customer requirements. Willing to collaborate with Solution Architects, other solution component SMEs and stakeholders to develop and refine solution requirements. Ensuring secure and efficient access for on-premises and cloud-based applications and resources.
• Able to drive and support customer application integrations into Okta-based IAM solutions. Troubleshoot and resolve technical issues before, during and after application integration

• Follow work plans, established timelines, and predefined goals for assigned work.

• Meet commitments on deadlines.

• Communicate activities, results, and observations with employees and management as appropriate.

• Identify areas for improvement in existing business practices.

• Perform work thoroughly in a cost-efficient manner and at a high productivity level.

• Comply with all corporate policies and procedures.

• Report any breakdowns in controls to management.

• Conduct all activities in a safe manner.

• No people management responsibility.

• Knowledge and experience of CyberArk advantageous.
• Knowledge and experience with Rubrik advantageous.
• Microsoft, Azure or Okta certification are highly beneficial.

• Overtime hours may be required to fulfill job responsibilities

• May be required to remain stationary for extended periods of time

• May be required to move up to 10 pounds

• Must be able to operate a computer and other devices

• Close vision and ability to adjust focus, such as required to read a computer screen

Tokio Marine