Identity & Access Management (IAM) Engineer

Expected

Optional

Operating system

StoneX requires the expertise of an Okta Contractor to support internal software development and platform engineering teams in implementing advanced Okta configurations, enhancing security, and automating identity workflows. This engagement will focus on securing and scaling identity solutions across workforce and customer applications while ensuring that operational and development teams are trained in best practices. In this role, you will take an important part in optimizing, securing, and scaling our Okta platform, ensuring it remains a robust foundation for millions of interactions. Our journey is also one of governance, as we contribute to efforts that ensure our platforms meet industry standards and regulatory requirements.

• Develop and configure Okta Workflows to streamline the setup of OpenID Connect applications, including the creation of associated groups, assigning administrative roles, and setting up custom authorization servers with scoped security.
• Create workflows to automate the integration of third-party identity providers and provide troubleshooting assistance for federation-related issues.
• Support development teams in implementing OpenID Connect auth flows using Okta SDKs.
• Offer guidance to ensure client-facing apps are both efficient and secure, utilizing CIAM (Customer Identity and Access Management) best practices.
• Assist with maturing StoneX’s Okta workforce tenants, including transitioning from static to risk-based authentication policies and roll out of passwordless authentication flows.
• Assist internal software development teams in implementing customer-friendly UX for the upcoming flagship app, covering features such as MFA enrollment, registration flows, lockout handling, step-up authentication, and session management.
• Collaborate with development teams to design a scalable, secure model for Okta auth server configurations. Educate teams on necessary auth server changes and guide them through the migration process, ensuring alignment with secure downstream API consumption.
• Develop training materials on new Okta functionalities to operational, identity-focused teams.
• Educate operational teams on best practices for application health monitoring and SCIM integrations, especially for applications currently lacking provisioning capabilities.
• Work with the Platform Engineering team to build an IaC repository to automate Okta application lifecycle management, including app creation, group management, and policy configuration.
• Support the migration of StoneX’s internal M2M (machine-to-machine) authorization platform to use Okta client credentials flow for OIDC applications.
• Assist with the migration of applications currently using Entra for Single Sign-On (SSO) to Okta, ensuring minimal disruption and secure integration.

Optional

This is how we work

Team members

• documentation
• testing environments

• development budget
• industry-specific e-learning platforms
• intracompany training
• mentoring
• substantive support from technological leaders
• technical knowledge exchange within the company
• time for development of your ideas

• Remote (1-2 travels to Cracow per month)
• Length of contract - 6 to 12 months

• sharing the costs of sports activities
• private medical care
• sharing the costs of professional training & courses
• life insurance
• remote work opportunities
• flexible working time
• fruits
• corporate products and services at discounted prices
• integration events
• parking space for employees

• Engage in a deep variety of business-critical activities that keep our company running efficiently. From strategic marketing and financial management to human resources and operational oversight, you’ll have the opportunity to optimize processes and implement game-changing policies.

StoneX Financial LTD Sp. z o.o. Oddział w Polsce