The Opportunity at Komodo Health
Our team is responsible for overseeing all aspects of security at Komodo Health. We implement and maintain security solutions to protect our systems and data, manage identity and access controls, and handle incident response. We also conduct security assessments, monitor for potential threats, and collaborate with other teams to ensure compliance with security policies and regulations. Our goal is to create a secure and resilient environment that supports the company's growth and innovation.
This role exists to strengthen Komodo Health's security posture by ensuring effective identity and access management. The IAM Engineer will manage user identities, handle access requests, and troubleshoot access issues to protect sensitive data and maintain system integrity. This role will also contribute to developing and implementing IAM policies and procedures.
As an IAM Engineer, you will play a critical role in securing our systems and data. You will have the opportunity to work with cutting-edge IAM technologies, collaborate with cross-functional teams, and influence the development of our IAM strategy. Your work will directly impact the security and efficiency of our operations.
Looking back on your first 12 months at Komodo Health, you will have accomplished…
- Identity Lifecycle Management: Design and maintain automated onboarding, offboarding, and departmental transfer processes across our ecosystem (Okta, Google Workspace, etc.).
- Integration & Orchestration: Build and optimize complex, multi-step automation flows. You will be responsible for connecting siloed applications into a cohesive identity fabric.
- Access Governance: Implement and enforce Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) models.
- Security & Compliance: Manage SSO (SAML/OIDC) and MFA configurations. Ensure all access remains compliant with SOC2/HIPAA/GDPR standards through regular access reviews and audit logging.
- Custom Tooling: Develop custom scripts and API integrations to bridge gaps where out-of-the-box connectors are unavailable.
- Support & Documentation: Act as a Tier 3 escalation point for complex identity issues and maintain clear technical documentation and architecture diagrams.
You will accomplish these outcomes through the following responsibilities…
- Integrate and manage IdPs within the IAM system.
- Handle and streamline access requests.
- Troubleshoot and resolve access-related issues.
- Develop and implement IAM policies and procedures.
- Collaborate with cross-functional teams for compliance.
- Respond to ad-hoc requests.
What you bring to Komodo Health (required):
- Automation (the "X-Factor") with Okta Workflows: Proven ability to build event-driven flows, use custom API connectors, and handle error logic.
- 5–8+ years of experience in Identity and Access Management, including significant hands-on expertise with Okta (including OIE & OIG).
- Strong understanding of identity lifecycle management, directory services, SSO, MFA, SCIM provisioning, and federation (SAML, OIDC, OAuth).
- Proven experience partnering with IT, HR, and other cross-functional teams to design and implement IAM solutions.
- Demonstrated ability to streamline and automate processes.
- Knowledge of IAM policies and procedures development.
- Excellent problem-solving, communication, and stakeholder management skills.
- Experience with auditing, governance, and access certification processes.
Additional skills and experience we’d prioritize (nice to have)…
- Experience with IAM tools such as Auth0 or Azure AD.
- Experience integrating IAM with HR systems (e.g., Workday).
- Knowledge of compliance requirements related to IAM.
- Background in cloud platforms (AWS, GCP, Azure) and IAM integrations.
- Familiarity with privileged access management (PAM) solutions.
- Experience with Workato or other automation platforms.
- Scripting: Proficiency in Python or PowerShell for automating repetitive tasks and handling large-scale data imports/exports.
- APIs: Comfortable working with RESTful APIs, JSON, and Webhooks.
- Infrastructure as Code: Experience using Terraform to manage identity providers.
- Security Mindset: Understanding of Zero Trust architecture and Privileged Access Management (PAM) tools like CyberArk or 1Password.
- Certifications: Okta Certified Professional/Administrator/Consultant, or Workato Automation Pro.
#LI-Remote