Sr Identity & Access Engineer

OEC provides software solutions to those who work in the automotive parts and repair industry. Our solutions make it easier for automotive industry professionals to buy and sell parts, conduct repair research \& planning, optimize estimates, improve the parts supply chain, and more. OEC partners with many of the world’s largest manufacturers, dealers and suppliers, shops and repairers, and service providers, giving our customers access to a comprehensive network and a streamlined workflow. Interview integrity requirement Candidates must personally complete all interviews and technical assessments. The use of proxies or third\-party representatives during any stage of the hiring process is prohibited and will result in disqualification. Final candidates will be required to participate in at least one in\-person interview. Some travel for this role is expected. Reasonable accommodations will be provided in accordance with applicable laws. About the Role You’ll own and evolve OEC’s enterprise identity platform—the core security control plane that protects everything we do. This role goes beyond administration: you’ll shape architecture, strengthen our security posture, and drive scalable identity solutions across Active Directory, Microsoft Entra ID, and Okta. You’ll operate in a distributed U.S./India environment where autonomy, strong documentation, and thoughtful engineering are key. If you enjoy balancing security with user experience and want true ownership of a critical platform, this is that role. What You’ll Do * Own the identity platform end\-to\-end: availability, performance, and security across AD, Entra ID, and Okta * Design modern access controls: MFA, passwordless, Conditional Access, and adaptive authentication * Enforce least privilege at scale using RBAC/ABAC and automate Joiner/Mover/Leaver (JML) processes * Lead cloud identity strategy across Entra ID and AWS IAM, including federation and workload identities * Secure privileged access with PIM/PAM and resilient break\-glass patterns * Detect and respond to threats using SIEM/log platforms; lead identity\-related incident investigations * Own SOC 2 identity controls including access reviews, certifications, and audit readiness * Act as a subject matter expert: build architecture diagrams, runbooks, and integration standards * Collaborate and mentor through peer reviews, knowledge sharing, and team upskilling * Participate in an on\-call rotation supporting a critical security platform What You Bring * 7\+ years of hands\-on IAM experience in enterprise environments * Deep expertise across Active Directory, Entra ID, and Okta * Experience designing hybrid identity architectures and modern access strategies * Strong background in identity security, incident response, and compliance frameworks (SOC 2, NIST, ISO) * Proven ability to own and evolve platforms, not just support them Technical Skills You don’t need everything, but strong experience in most of the below: * Active Directory: domains, forests, GPOs, Kerberos, LDAP * Microsoft Entra ID: Conditional Access, MFA, Identity Protection, PIM, Entra Connect * Okta: SSO, lifecycle management, integrations, federation, Workflows * Protocols: SAML, OAuth 2\.0, OIDC * Access Models: RBAC/ABAC, entitlement design, JML automation * Privileged Access: PIM, PAM, break\-glass strategies * Cloud IAM: AWS IAM, federated identity, cross\-platform trust * Security Monitoring: SIEM tools (Sentinel, Splunk), Entra \& Okta logs * IGA Tools: SailPoint, Saviynt, or Entra ID Governance * PAM Tools: CyberArk, BeyondTrust, or Delinea * Automation: SCIM provisioning, scripting (PowerShell required) * Familiarity with AI\-assisted scripting/tools (e.g., Copilot, Claude) is a plus * External identity (B2B): guest access, federation, Entra External ID How You Work * Communicate clearly and constructively—even in high\-pressure situations * Adapt quickly as priorities shift in a fast\-moving environment * Thrive in a remote\-first, highly autonomous team Requirements * Bachelor’s degree in Computer Science, IT, or related field (or equivalent experience) * Relevant certifications preferred: SC\-300, AZ\-500, Okta Certified Professional/Admin Additional Details * Remote role (U.S.\-based) with collaboration across global teams * Occasional travel (potentially international) * Camera\-on participation expected for key meetings Why This Role This is a high\-impact, high\-ownership position where you’ll directly influence the security and scalability of a growing enterprise platform. You won’t just maintain systems—you’ll design, improve, and lead. **What We Offer:** * Full benefits starting Day 1: Medical, Dental, and Vision * 401(k) with company match * Unlimited Flex Time Off plus 10 company\-paid holidays * Professional development programs, tuition assistance, and quarterly book program * Free wellness coaching and pet insurance * Home office equipment stipend * Employee resource groups and exclusive employee discounts What makes working at OEC awesome? It varies from employee to employee. For some, it's the flexibility \- whether it's remote work or a hybrid or in\-person role, OEC takes our teams across multiple time zones and international communities. For others, it's the strong sense of camaraderie and community that celebrates both individuals and team\-driven contributions. Or it could be the empowerment and how the team is encouraged to take risks, learn, and grow within a dynamic and supportive environment. But no matter what gets us out of bed in the morning, our whole global community is inspired to be forward thinking and drive innovative solutions for the automotive parts and repair industry. OEConnection is subject to certain governmental recordkeeping and reporting requirements for the administration of civil rights laws and regulations. In order to comply with these laws, we invite applicants and employees to voluntarily self\-identify their gender, race and ethnicity. Submission of this information is strictly voluntary and refusal to provide it will not subject you to any adverse treatment. The information obtained will be kept confidential and may only be used in accordance with the provision of applicable laws, executive orders, and regulations, including those that require the information to be summarized and reported to the federal government for civil rights enforcement. When reported, data will not identify any specific individual. This information will be maintained separately from your application for employment. If you do not wish to self\-identify at this time, you may do so in the future by submitting this form. Failure to provide the following information will not subject you to any adverse action or treatment. OEConnection is an Equal Opportunity/ Affirmative Action employer. We provide equal employment opportunities to all qualified employees and applicants for employment without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, veteran status, disability or any other legally protected status. We prohibit discrimination in decisions concerning recruitment, hiring, compensation, benefits, training, termination, promotions, or any other condition of employment or career development.