Senior IAM Engineer (Okta)

IonQ, Inc. [NYSE: IONQ] is the world’s leading quantum platform and merchant supplier - delivering integrated quantum solutions across computing, networking, sensing, and security. IonQ’s newest generation of quantum computers, the IonQ Tempo, is the latest in a line of cutting-edge systems that have been helping customers and partners including Amazon Web Services, and AstraZeneca achieve 20x performance results and accelerate innovation in drug discovery, materials science, financial modeling, logistics, cybersecurity, and defense. In 2025, the company achieved 99.99% two-qubit gate fidelity, setting a world record in quantum computing performance.

Headquartered in College Park, Maryland, IonQ has operations in California, Colorado, Massachusetts, Tennessee, Washington, Italy, South Korea, Sweden, Switzerland, Canada, and the United Kingdom. Our quantum computing services are available through all major cloud providers, while we also meet the needs of networking and sensing customers across land, sea, air, and space. IonQ is making quantum platforms more accessible and impactful than ever before.  

This Senior IAM Engineer will own the Okta for Government High (FedRAMP High) tenant, which serves as the enterprise Identity Provider and Identity Governance platform for a 1,500+ user organization. The role is the primary technical resource responsible for the build, enhancement, and operation of key functions, including SSO integrations, Identity Governance (OIG), Lifecycle Management, Workflows automation, and Adaptive MFA policy.

In the first three months, you will help develop the core program documentation and workflows. You will collaborate with external teams like IT, Legal and People to integrate into company processes. You will work with our technical security experts to build Identity and Access management processes and procedures.

• →Own the Okta for Government High (FedRAMP High) tenant — configuration, health, lifecycle, and security posture
• →Manage Universal Directory: on-prem AD Agent sync, HRIS attribute mastering, profile mappings, and group rules
• →Build and maintain all SSO app integrations via the Okta Integration Network (OIN) using SAML, OIDC, and SCIM
• →Own and maintain Okta Adaptive MFA policies: factor enrollment rules, risk-based step-up authentication, FIDO2/YubiKey/PIV/CAC configuration
• →Maintain the Okta System Log to Microsoft Sentinel log streaming pipeline and retention configuration
• →Own Okta Identity Governance (OIG): entitlement catalog, access certification campaign setup, SoD policy rules, and access request workflow design
• →Own, Build and Maintain Okta Lifecycle Management: JML automation rules, HRIS connector configuration, and auto-provisioning and deprovisioning into all connected applications, access review triggers, and automated remediation
• →Design, build, and document all Okta-side enhancements including new app onboarding, policy changes, and IGA configuration updates
• →Write test cases for all Okta-side changes; execute UAT jointly with the Identity Governance & Operations Analyst before production promotion
• →Support Identity Operations Specialist on Tier 2 Okta escalations and Workflow troubleshooting
• →Assist Identity Governance & Operations Analyst with OIG campaign configuration and certification reporting

• 4+ years of hands-on Okta administration and engineering experience
• Demonstrated experience with Okta SSO app integrations via SAML 2.0 and OIDC
• Experience with Okta Lifecycle Management and HRIS connector configuration
• Experience building Okta Workflows for provisioning automation
• Experience with Okta Adaptive MFA policy configuration including FIDO2/WebAuthn and hardware token enrollment
• Experience with Okta Universal Directory including AD Agent deployment and profile mastering

• Experience with Okta for Government High (FedRAMP High) or FedRAMP Moderate environments — strong preference
• Okta Identity Governance (OIG) experience — access certifications, SoD, entitlement management
• Experience federating Okta to Microsoft Entra ID / GCCH as a SAML Service Provider
• Familiarity with CMMC, ITAR, GDPR, SOX, SOC 2 compliance requirements
• Experience with SCIM 2.0 provisioning to downstream applications
• Okta Identity Governance certification (preferred)

If you are interested in being a part of our team and mission, we encourage you to apply!