Principal, Identity & Access Management (IAM)

Posted Yesterday
Hiring Remotely in United States
Remote
116K-132K Annually
Senior level
Big Data • Information Technology • Security • Software
The Role
Lead technical authority for the enterprise IAM program: define roadmap and architecture, manage Okta and Entra ID configurations and federation, build automated provisioning/deprovisioning (UKG integration), enforce RBAC and Zero Trust controls, drive audits/compliance, mentor IAM engineers, and integrate identity solutions across security, infrastructure, and application teams.
Summary Generated by Built In

Welcome to Aventiv! Please watch this brief video to find out if this is the place you want to be!


**Associate Referral Reward Eligible**

Job Purpose: The Principal, Identity and Access Management (IAM) is the senior technical authority for the organization’s identity ecosystem. This individual contributor role is responsible for defining the technical vision, engineering standards, and architectural direction of the IAM program. The Principal works closely with IAM team members, engineering peers, and leadership to ensure secure, compliant, and seamless access to enterprise resources — balancing rigorous security standards with operational efficiency. This role leads through technical expertise: mentoring through hands-on collaboration, driving automation and innovation, and ensuring the identity architecture aligns with the organization’s broader security posture and business objectives. 

Essential Duties:

  • Define and own the technical roadmap for the IAM program, setting engineering standards, design patterns, and best practices for the team to follow. 
  • Serve as the subject matter expert (SME) and escalation point for complex IAM issues spanning on-premises, cloud, and hybrid environments. 
  • Evaluate emerging identity technologies, protocols, and vendor capabilities; make recommendations to leadership on adoption and investment. 
  • Author and maintain reference architectures, technical design documents, and decision records for the IAM domain. 
  • Serve as the primary technical owner of the Okta organization, managing Universal Directory, Lifecycle Management, and adaptive MFA policies. 
  • Engineer and optimize complex Entra ID (Azure AD) configurations, including Conditional Access policies, Privileged Identity Management (PIM), and Enterprise App registrations within the M365 tenant. 
  • Architect and maintain the federation between Okta and Entra ID to ensure unified identity synchronization and seamless user experiences. 
  • Design and manage the pipeline for integrating new SaaS applications into Okta via SAML/OIDC, ensuring consistent security standards. 
  • Own the end-to-end identity lifecycle integration between UKG (HRIS) and Okta. Ensure accurate attribute mapping, logic handling for transfers/promotions, and immediate termination processing. 
  • Design and build automated provisioning/de-provisioning workflows (using Okta Workflows, PowerShell, or Python) to ensure zero-day readiness and reduce manual service desk tickets. 
  • Troubleshoot synchronization errors between UKG, Active Directory, and Okta to ensure downstream systems reflect accurate employee data. 
  • Execute and improve periodic access certification campaigns within Okta/Entra ID to validate user entitlements and satisfy audit requirements. 
  • Enforce and evolve RBAC (Role-Based Access Control) models, specifically auditing Global Admin and other high-privilege roles within the M365 tenant. 
  • Implement and continuously improve security controls related to the organization’s identity posture, aligned with Zero Trust principles. 
  • Manage multiple concurrent technical initiatives (e.g., app integrations, M&A migrations, platform upgrades) with competing deadlines. 
  • Contribute to audit evidence preparation and regulatory compliance efforts related to identity and access. 
  • Provide technical guidance and hands-on coaching to IAM team members through design reviews, pair troubleshooting, and knowledge-sharing sessions. 
  • Partner with Security, Infrastructure, Application, and Service Desk teams to ensure identity solutions are well-integrated and operationally supported. 
  • Translate complex IAM concepts for non-technical stakeholders (HR, Legal, Finance) and convert business requirements into technical solutions. 
  • Maintain up-to-date documentation for system architecture, data flows, and operational runbooks for the Service Desk. 

Knowledge, Skills, and Abilities:

  • Deep expertise in Okta Identity Cloud, specifically Universal Directory, Policy Frameworks, and Lifecycle Management.
  • Advanced knowledge of Active Directory (multi-domain forests), Entra ID Connect (sync rules), and Entra ID (Azure AD) governance features.
  • Strong ability to read and write JSON and interact with RESTful APIs, essential for building complex Okta Workflows and troubleshooting integrations.
  • Expert understanding of authentication protocols (SAML 2.0, OIDC, OAuth 2.0, WS-Fed, Kerberos, LDAP) and the ability to troubleshoot handshakes using tools like Fiddler or browser developer tools.
  • Proficiency in PowerShell for bulk administration and reporting (Microsoft Graph SDK); experience with Python is a plus.
  • Detailed understanding of how HR data events (hire, rehire, leave of absence, termination) translate into technical identity attributes and access states.
  • Familiarity with IAM-related security frameworks and standards, such as NIST SP 800-63 (Digital Identity Guidelines) and Zero Trust architecture principles.
  • Experience working within ITIL frameworks, ensuring identity changes are documented, tested, and communicated effectively to minimize business disruption.
  • Strong written and verbal communication skills with the ability to influence technical direction without direct authority.

Minimum Qualifications:

  • High school diploma or GED.
  • 5 years of progressive experience in Identity & Access Management, including at least 3 years managing an Okta tenant in an enterprise environment.
  • Demonstrated experience designing and implementing HR-driven provisioning integrations (integrating an HRIS with an IdP).
  • Experience managing vendor support relationships (opening/escalating tickets with Okta/Microsoft) and monitoring licensing usage.
  • Proven track record of setting technical standards and providing architectural guidance to engineering teams.

Preferred Qualifications:

  • Bachelor’s degree in Information Technology, Computer Science, or related field.
  • Industry certifications such as: CISM, CCSP, CISSP, CISA.
  • Okta Certified Administrator.
  • Okta Certified Consultant.
  • Microsoft Certified Identity and Access Administrator Associate (SC-300) or Cybersecurity Architect Expert (SC-100).
  • Direct experience integrating UKG Pro or UKG Dimensions with Okta.
  • Experience with Okta Advanced Server Access (ASA) or Entra ID Identity Governance features.
  • Experience authoring technical roadmaps or reference architectures for IAM programs.

Physical Requirements:

  • While performing the duties of this job, the employee is regularly required to: stand, sit, talk, hear, and use hands and fingers to operate a computer, telephone, and a variety of office equipment.
  • Occasionally, this position may need to reach, stoop, or kneel.

Salary and Benefits:

At Aventiv, our salary and benefits are designed to fit you as a whole person. We offer a salary range based on experience and qualifications to ensure your unique contributions are met with our most competitive offer.

  • $115,751.11 - $131,956.26 per year
  • Health Insurance
  • 401(k)
  • Disability
  • Life Insurance
  • Paid Time Off
  • Voluntary Benefits

Aventiv Privacy Policy:

www.aventiv.com/privacy

Equal Employment Policy:

Aventiv is proud to be an equal opportunity employer. All decisions regarding recruiting, hiring, promotion, assignment, training, termination and other terms and conditions of employment will be made without regard to race, color, national origin, biological sex, sexual orientation, gender identity, gender expression, gender presentation, religion, age, pregnancy, disability, work-related injury, veteran status, genetic information, marital status, or any other factor that the law protects from employment discrimination. We do not discriminate based on genetic information in accordance with the Genetic Information Nondiscrimination Act.




Equal Opportunity Employer

This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.

Skills Required

  • High school diploma or GED
  • 5 years progressive experience in Identity & Access Management
  • At least 3 years managing an Okta tenant in an enterprise environment
  • Experience designing and implementing HR-driven provisioning integrations (HRIS to IdP)
  • Experience managing vendor support relationships and monitoring licensing usage (Okta/Microsoft)
  • Proven track record setting technical standards and providing architectural guidance
  • Deep expertise with Okta Identity Cloud (Universal Directory, Lifecycle Management, adaptive MFA/policy frameworks)
  • Advanced knowledge of Active Directory (multi-domain forests), Entra ID (Azure AD), and Entra ID Connect sync rules
  • Ability to read/write JSON and interact with RESTful APIs for building/troubleshooting integrations
  • Expert understanding of authentication protocols (SAML 2.0, OIDC, OAuth 2.0, WS-Fed) and Kerberos/LDAP troubleshooting
  • Proficiency in PowerShell for bulk administration and reporting (experience with Microsoft Graph SDK)
  • Familiarity with IAM-related security frameworks and Zero Trust principles and working within ITIL frameworks
  • Strong written and verbal communication and ability to influence without direct authority
  • Experience with Python (scripting for automation)
  • Direct experience integrating UKG Pro or UKG Dimensions with Okta
  • Okta Certified Administrator or Okta Certified Consultant
  • Microsoft Certified Identity and Access Administrator Associate (SC-300) or SC-100
  • Bachelor's degree in IT, Computer Science, or related field
  • Experience with Okta Advanced Server Access (ASA) or Entra ID Identity Governance features

The Company

HQ: Plano, TX
1,001 Employees

What We Do

Aventiv Technologies is a diversified technology company that provides innovative solutions to customers in the corrections and government services sectors. Aventiv is the parent company to Securus Technologies and AllPaid, leading providers of innovative products and services. The collective power of these unified organizations delivers superior value and service to all of our customers nationwide. We believe society improves when modern standards of simplicity are integrated with the highest demands of security. That’s why we apply technology solutions to make complex connections more secure and more convenient than ever before. Whether in communications, media and entertainment, payments, or monitoring, we help transform the industries we serve and impact the lives they touch each day. We lead with technology to solve problems in revolutionary ways and are dedicated to making the complex simple by fusing integrated products with unparalleled service. With our legacy in superior security, we ensure safety and reliability at every touchpoint, and earn trust one connection at a time. Relentlessly improving, we optimize our data-driven solutions to improve outcomes for all of our customers, helping people and technology work better together.
