Cohesity is the leader in AI-powered data security. Over 13,600 enterprise customers, including over 85 of the Fortune 100 and nearly 70% of the Global 500, rely on Cohesity to strengthen their resilience while providing Gen AI insights into their vast amounts of data. Formed from the combination of Cohesity with Veritas’ enterprise data protection business, the company’s solutions secure and protect data on-premises, in the cloud, and at the edge. Backed by NVIDIA, IBM, HPE, Cisco, AWS, Google Cloud, and others, Cohesity is headquartered in Santa Clara, CA, with offices around the globe.

We’ve been named a Leader by multiple analyst firms and have been globally recognized for Innovation, Product Strength, and Simplicity in Design , and our culture.

Want to join the leader in AI-powered data security?

We are seeking a highly experienced Identity & Access Management (IAM) Engineer with deep, hands‑on expertise in Okta, Microsoft Entra ID, and Microsoft 365. The role has a strong emphasis on Okta application onboarding, Okta Identity Governance (OIG), Okta Workflows automation, and Device Posture configuration.

This role will act as a hands‑on technical owner of the identity platform, delivering secure, automated, and scalable identity solutions across SaaS, cloud, and on‑premises environments.

HOW YOU’LL SPEND YOUR TIME HERE

Okta Platform Ownership (Primary Focus)

• Own and operate Okta Workforce Identity Cloud

• Design, implement, and maintain:

  • Single Sign‑On (SSO)

  • Multi‑Factor Authentication (MFA)

  • Adaptive and risk‑based access policies

• Manage Universal Directory, attribute mappings, and profile sources

• Configure and maintain Okta agents (AD and LDAP)

Application Onboarding (Mandatory)

• Hands‑on onboarding of applications into Okta is mandatory

• Lead end‑to‑end application integrations including:

  • SAML 2.0

  • OIDC / OAuth 2.0

• Work with application teams to:

  • Design secure authentication flows

  • Define attribute mappings and claims

  • Validate access patterns and user experience

• Maintain application standards and onboarding documentation

Identity Lifecycle & Automation (Core Requirement)

• Own Joiner‑Mover‑Leaver (JML) processes end‑to‑end

• Extensive hands‑on experience with Okta Workflows (mandatory)

  • Build and maintain workflows for provisioning, de‑provisioning, and access changes

  • Integrate HR systems (e.g., Workday) and downstream applications

  • Implement approvals, exception handling, and audit logging

• Implement and manage SCIM‑based provisioning

• Ensure timely removal of access and least‑privilege enforcement

Okta Identity Governance (OIG) – Mandatory

• Implement and operate Okta Identity Governance (OIG)

• Design and manage:

  • Access request workflows

  • Approval chains

  • Entitlement management

• Support periodic access reviews and certifications

• Ensure governance controls meet audit and compliance requirements

Device Posture & Conditional Access (Mandatory)

• Design and implement Device Posture checks in Okta

• Integrate device posture with:

  • Adaptive access policies

  • MFA and conditional access rules

• Enforce secure access based on:

  • Device trust

  • Compliance posture

  • User context

• Collaborate with endpoint and security teams to align posture policies

Microsoft Entra ID & Microsoft 365

• Integrate Okta with Microsoft Entra ID (Azure AD)

  • Federation and identity scenarios

  • Alignment with Conditional Access

• Support and manage Microsoft 365 access via Okta

  • User lifecycle

  • Group‑based access

  • Role and licence assignment models

• Partner with M365 teams to ensure consistent and secure access patterns

Directory Services (LDAP / Active Directory)

• Strong hands‑on experience with LDAP and Active Directory

• Manage:

  • Directory integrations with Okta

  • Attribute mappings and sync rules

  • Hybrid identity scenarios

• Troubleshoot authentication, sync, and agent‑related issues

Security, Compliance & Operations

• Enforce Zero Trust identity principles

• Support audits and regulatory requirements (ISO 27001, SOC 2, GDPR)

• Monitor identity‑related security events and support incident response

• Perform regular policy, access, and configuration reviews

Documentation & Collaboration

• Produce high‑quality technical documentation and runbooks

• Act as a subject‑matter expert for IAM and Okta

• Provide third‑line support for identity‑related incidents

• Work closely with Security, Cloud, Infrastructure, and Application teams

We’d Love talking to you if you have many of the following

• Strong, hands‑on Okta experience (5+ years preferred)

• Proven experience onboarding applications into Okta

• Hands‑on Okta Workflows experience (mandatory)

• Experience with Okta Identity Governance (OIG)

• Experience configuring Device Posture in Okta

• Strong experience with Microsoft Entra ID (Azure AD)

• Experience supporting Microsoft 365

• Demonstrated experience leveraging AI tools to streamline workflows, enhance productivity, and support high-quality decision-making.

• Strong LDAP and Active Directory experience

• Deep understanding of:

  • SAML, OAuth 2.0, OpenID Connect

  • MFA and modern authentication patterns

Desirable / Nice‑to‑Have

• Okta certifications (Professional, Administrator, Consultant)

• Terraform or Infrastructure‑as‑Code for Okta

• Experience with PAM tools (Teleport, CyberArk, BeyondTrust)

• Experience in large, regulated, or enterprise environments

Soft Skills

• Excellent communication and stakeholder‑management skills

• Comfortable owning and driving identity platforms

• Strong security mindset and attention to detail

• Able to operate independently in complex environments

Data Privacy Notice for Job Candidates:

For information on personal data processing, please see our Privacy Policy.

Equal Employment Opportunity Employer (EEOE)

Cohesity is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law.

If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at 1-855-9COHESITY or talent@cohesity.com for assistance.

In-Office Expectations

Cohesity employees who are within a reasonable commute (e.g. within a forty-five (45) minute average travel time) work out of our core offices 2-3 days a week of their choosing.

Interested candidates based outside of the designated areas are welcome to apply, provided they have the right to work in the job location.