IAM Specialist (Okta and Google Workspace)
Astreya · Pune District, Maharashtra, India
- On site
- Full-time
- $120,000 / year
- Pune District, Maharashtra, India
Job highlights
- Manage IAM for Google Workspace and Okta.
- Focus on user lifecycle and access provisioning.
- Implement SSO integrations and MFA policies.
- Ensure identity compliance and security for enterprise.
- Automate JML processes and access governance.
About the role
IAM Specialist (Okta and Google Workspace)
Role Overview:We are seeking an experienced (Minimum 5+ years) IAM Specialist with strong expertise in Google Workspace and Okta to support our User Identity services. This role is responsible for the day-to-day management of identity and access across the client ecosystem, including user lifecycle management (Joiner–Mover–Leaver), access provisioning, SSO integrations, MFA policies, and Identity compliance. The ideal candidate has hands-on experience operating Google Workspace and Okta in a global enterprise environment and can ensure stability, security, and smooth execution of IAM business-as-usual (BAU) activities. This is a hands-on operational role focused on reliability, access governance, and maintaining a secure identity environment.
Key Responsibilities
Google Workspace Administration (Must Have)
- Administer and optimize Google Workspace in a multi-OU enterprise environment.
- Manage user lifecycle (Joiner–Mover–Leaver) automation and provisioning workflows.
- Configure and maintain: Admin roles & delegated access, Groups, Shared Drives, and Drive governance, Context-aware access and security settings, Gmail routing and domain configurations.
- Support investigations using audit logs and reporting tools.
- Work with GAM (Google Apps Manager) for bulk operations and automation.
Okta Identity Management (Must Have)
- Administer and optimize Okta for enterprise SSO and identity lifecycle.
- Manage SAML, OIDC, and SCIM integrations.
- Configure and maintain: App provisioning and deprovisioning, MFA policies and sign-on policies, Lifecycle workflows, Group-based access controls.
- Support secure rollout initiatives (e.g., phishing-resistant MFA, device-bound authentication).
- Troubleshoot federation and authentication issues across integrated systems.
Identity Lifecycle & Access Governance
- Drive JML process automation between HR systems, Okta, and Google Workspace.
- Ensure timely provisioning/deprovisioning and least-privilege enforcement.
- Handle IAM tickets and complex access issues.
- Partner with Infosec for compliance audits and access reviews.
- Maintain clean entitlement models and reduce over-provisioning.
Tech Stack Requirements
Must Have
- 5+ years of hands-on IAM experience.
- Deep administration experience in: Google Workspace, Okta.
- Strong knowledge of: SAML 2.0, OAuth / OIDC, SCIM provisioning, MFA & access policies.
- Experience managing identity in a global enterprise environment (5k+ users preferred).
Nice to Have
- Experience with FastPass / passwordless authentication.
- Exposure to device trust / device context policies.
- Experience in IAM automation at scale.
- Knowledge of access governance best practices.
Skills & Competencies
- Strong troubleshooting mindset across identity flows.
- Ability to collaborate across Security, Data, and Infrastructure teams.
- Strong documentation and process design skills.
- Comfortable operating in a high-scale, multi-region enterprise.
- Ability to challenge insecure practices and drive improvement.
Key skills/competency
- IAM Specialist
- Okta
- Google Workspace
- Identity Lifecycle Management
- Access Governance
- SSO Integration
- MFA Policies
- SCIM Provisioning
- SAML 2.0
- OAuth / OIDC
Skills & topics
- IAM Specialist
- Okta
- Google Workspace
- Identity Management
- Access Management
- SSO
- MFA
- SCIM
- SAML
- OIDC
- Joiner Mover Leaver
- Access Governance
- Cloud Security
- Enterprise Security
How to get hired
- Tailor your resume: Highlight your 5+ years of IAM experience, specifically with Okta and Google Workspace, emphasizing SSO, MFA, and JML automation.
- Showcase technical skills: Clearly list your proficiency in SAML 2.0, OAuth/OIDC, SCIM, and experience in global enterprise environments.
- Demonstrate problem-solving: Prepare examples of troubleshooting complex identity and access issues and collaborating with cross-functional teams.
- Quantify achievements: Use numbers to illustrate your impact, such as the number of users managed, systems integrated, or automation improvements made.
- Understand the role: Emphasize your understanding of operational IAM, access governance, and the importance of least-privilege principles.
Technical preparation
Master Okta and Google Workspace administration.,Practice SAML, OIDC, and SCIM integrations.,Build automation scripts for JML processes.,Configure MFA and access policies effectively.
Behavioral questions
Describe a complex IAM issue you solved.,How do you ensure least-privilege access?,How do you collaborate with cross-functional teams?,How do you challenge and improve security practices?
Frequently asked questions
- What are the essential technical skills for the IAM Specialist role at Astreya?
- The IAM Specialist role at Astreya requires a minimum of 5 years of hands-on IAM experience, with deep administration expertise in both Google Workspace and Okta. Key technical skills include strong knowledge of SAML 2.0, OAuth/OIDC, SCIM provisioning, and MFA/access policies. Experience in a global enterprise environment with over 5,000 users is highly preferred.
- How important is experience with Google Workspace and Okta for this position?
- Experience with Google Workspace and Okta is critical for this IAM Specialist position. The job description explicitly lists them as 'Must Have' for both administration and optimization, covering user lifecycle management, SSO integrations, MFA policies, and SCIM provisioning within these platforms.
- What does Astreya look for in terms of soft skills for an IAM Specialist?
- Astreya seeks IAM Specialists with a strong troubleshooting mindset across identity flows. They value the ability to collaborate effectively with Security, Data, and Infrastructure teams, possess strong documentation and process design skills, and are comfortable operating in a high-scale, multi-region enterprise environment. The ability to challenge insecure practices and drive improvement is also highly regarded.
- What are the 'Nice to Have' qualifications for the IAM Specialist role?
- While not mandatory, 'Nice to Have' qualifications for the IAM Specialist at Astreya include experience with FastPass/passwordless authentication, exposure to device trust/device context policies, experience in IAM automation at scale, and knowledge of access governance best practices. These can set a candidate apart.
- Can you describe the typical work arrangement for an IAM Specialist at Astreya?
- Based on the description, this role involves supporting 'day-to-day management of identity and access across the client ecosystem' and operating in a 'global enterprise environment.' While not explicitly stated, such roles often lean towards hybrid or remote arrangements, especially with a focus on operational tasks. However, specific details would need to be confirmed.
- What is the expected user base size for this IAM Specialist role?
- The job description specifies that experience managing identity in a global enterprise environment is preferred, with a preference for environments of 5,000+ users. This indicates that the role involves managing identity for a large user base.