Identity Solutions Architect
Okta · New York, NY · 3 days ago
HybridEngineering$242k/yrFull-time
Key Portfolio Focus Areas
- AI Agent & Agentic Identity Security: Architecting how Okta governs non-human, autonomous AI workloads across O4AA (Okta for AI Agents) and A4AA (Auth0 for AI Agents), defining secure authentication and authorization patterns.
- Next-Gen Guardrails: Designing token exchange patterns, security gateways, and implementing the Model Context Protocol (MCP) to secure agent-to-data interactions.
- Hardware-Bound Session Security: Designing Okta’s defense against session cookie thievery by leveraging cryptographically hardware-bound tokens (Okta DBSSO and Chrome DBSC).
- Advanced Threat & Posture Management: Deploying Identity Threat Protection (ITP) for continuous risk evaluation and Identity Security Posture Management (ISPM) to eliminate hidden vulnerabilities across human and machine identities.
What You’ll Be Doing
- Customer Zero Lifecycle Execution (Alpha to EA): Act as the lead architect testing and deploying Alpha identity security features within Okta’s internal IAM environment. Author the technical rollout blueprints and provide the core engineering teams with critical feedback.
- Anti-Session Hijacking Architecture: Design the internal implementation blueprint for how Okta DBSSO and Chrome DBSC complement one another, creating an ironclad, layered defense that protects corporate endpoints from token and cookie exfiltration.
- Open-Source & Community Leadership: Lead the technical effort to open-source the complimentary tools our Customer Zero team builds, transitioning our internal innovations into a massive, thriving community effort with our customers.
- Thought Leadership & Personal Brand: Take the microphone. You will help lead a dedicated "how-to" video series and a potential podcast this year, and take the stage at major events to share our internal playbook.
- Ecosystem Integration: Define how Okta identity is woven into modern orchestration layers (LangChain/Graph, n8n, AWS AgentCore, Google Vertex ADK) and model providers (Azure Foundry, AWS Bedrock, OpenAI, Anthropic).
What You’ll Bring To The Role
- Professional Maturity & Architecture Expertise: 8+ years of overall IT/software development and technical architecture experience, with 3+ years specifically focused on IAM/Security Architecture. You have a proven track record of securing non-human identities (NHIs) or machine-to-machine infrastructure in production.
- Protocol & Threat Literacy: Deep, hands-on knowledge of core protocols: OAuth2/OIDC (especially Token Exchange), SAML, mTLS, JWT, and Model Context Protocol (MCP). Strong technical understanding of modern identity threat vectors (AiTM phishing, info-stealer malware, session hijacking).
- Technical Influence: The ability to author clear Architecture Decision Records (ADRs) and confidently influence at the VP/CTO level, serving as a true peer to product management and product engineering.
- Executive Presence & Communication: Elite verbal and written communication skills. You can translate deep, ambiguous technical architecture into compelling business value for C-suite executives and excel in front of a camera or a live audience.