Associate IAM Engineer

Tempus AI is focused on advancing the healthcare industry through precision medicine and AI technology. As an Associate IAM Engineer, you will manage identity operations, support SSO integrations, and troubleshoot authentication issues while ensuring compliance with identity governance standards.

Responsibilities

• Configure, test, and deploy standard SAML 2.0 and OIDC/OAuth 2.0 integrations for onboarding new SaaS applications
• Serve as the Tier 2/3 point of contact for identity-related tickets. Deep-dive into system logs and protocol traces to resolve authentication, MFA, and provisioning failures
• Monitor and maintain automated user provisioning (Joiner/Mover/Leaver processes) across HRIS, Active Directory, and downstream applications. Help triage Okta Workflow errors
• Assist in configuring and monitoring Okta Device Assurance policies to ensure only secure, compliant devices can access corporate resources
• Support user access reviews and regular entitlement certifications using Okta Identity Governance (OIG) to ensure alignment with SOC2, ISO 27001, and SOX frameworks

Skills

• 1–3 years of experience in an IT, Security, or Systems Administration role, with at least 1 year of dedicated hands-on exposure to Okta administration
• A solid conceptual understanding of the 'Identity Trinity': SAML 2.0, OpenID Connect, SCIM
• Comfortable navigating and managing Universal Directory (managing users, groups, and basic OU structures)
• Foundational understanding of REST API concepts (HTTP methods like GET, POST, PUT, DELETE, and status codes) and comfort using OKTA Workflows
• Understanding of basic security principles like Multi-Factor Authentication (MFA), Least Privilege, and Zero Trust
• Enjoy digging into event logs and browser developer tools (SAML tracers) to find out exactly why a login failed
• Ability to guide non-technical employees (or partners in HR) through password resets, MFA setups, or access requests with patience and clarity
• Excited to learn advanced tools like Okta Workflows, Terraform, or API management on the job
• Prior exposure to configuring Okta Device Assurance policies and a basic understanding of how they interface with MDM tools (e.g., Jamf, Intune) to check device posture
• Hands-on exposure to Okta Identity Governance (OIG) for managing access requests, approvals, and access certification campaigns
• Foundational knowledge or exposure to Okta Workflows (or similar low-code automation platforms) used to orchestrate lifecycle management
• Okta Certified Professional or Okta Certified Administrator

Benefits

• Incentive compensation
• Restricted stock units
• Medical and other benefits depending on the position

Company Overview

Company H1B Sponsorship