Senior IAM Engineer (Okta)
IonQ
About IonQ:
IonQ, Inc. [NYSE: IONQ] is the world’s leading quantum platform and merchant supplier - delivering integrated quantum solutions across computing, networking, sensing, and security. IonQ’s newest generation of quantum computers, the IonQ Tempo, is the latest in a line of cutting-edge systems that have been helping customers and partners including Amazon Web Services, and AstraZeneca achieve 20x performance results and accelerate innovation in drug discovery, materials science, financial modeling, logistics, cybersecurity, and defense. In 2025, the company achieved 99.99% two-qubit gate fidelity, setting a world record in quantum computing performance.
Headquartered in College Park, Maryland, IonQ has operations in California, Colorado, Massachusetts, Tennessee, Washington, Italy, South Korea, Sweden, Switzerland, Canada, and the United Kingdom. Our quantum computing services are available through all major cloud providers, while we also meet the needs of networking and sensing customers across land, sea, air, and space. IonQ is making quantum platforms more accessible and impactful than ever before.
This Senior IAM Engineer will own the Okta for Government High (FedRAMP High) tenant, which serves as the enterprise Identity Provider and Identity Governance platform for a 1,500+ user organization. The role is the primary technical resource responsible for the build, enhancement, and operation of key functions, including SSO integrations, Identity Governance (OIG), Lifecycle Management, Workflows automation, and Adaptive MFA policy.
In the first three months, you will help develop the core program documentation and workflows. You will collaborate with external teams like IT, Legal and People to integrate into company processes. You will work with our technical security experts to build Identity and Access management processes and procedures.
Responsibilities
- Own the Okta for Government High (FedRAMP High) tenant — configuration, health, lifecycle, and security posture
- Manage Universal Directory: on-prem AD Agent sync, HRIS attribute mastering, profile mappings, and group rules
- Build and maintain all SSO app integrations via the Okta Integration Network (OIN) using SAML, OIDC, and SCIM
- Own and maintain Okta Adaptive MFA policies: factor enrollment rules, risk-based step-up authentication, FIDO2/YubiKey/PIV/CAC configuration
- Maintain the Okta System Log to Microsoft Sentinel log streaming pipeline and retention configuration
- Own Okta Identity Governance (OIG): entitlement catalog, access certification campaign setup, SoD policy rules, and access request workflow design
- Own, Build and Maintain Okta Lifecycle Management: JML automation rules, HRIS connector configuration, and auto-provisioning and deprovisioning into all connected applications, access review triggers, and automated remediation
- Design, build, and document all Okta-side enhancements including new app onboarding, policy changes, and IGA configuration updates
- Write test cases for all Okta-side changes; execute UAT jointly with the Identity Governance & Operations Analyst before production promotion
- Support Identity Operations Specialist on Tier 2 Okta escalations and Workflow troubleshooting
- Assist Identity Governance & Operations Analyst with OIG campaign configuration and certification reporting
Requirements:
- 4+ years of hands-on Okta administration and engineering experience
- Demonstrated experience with Okta SSO app integrations via SAML 2.0 and OIDC
- Experience with Okta Lifecycle Management and HRIS connector configuration
- Experience building Okta Workflows for provisioning automation
- Experience with Okta Adaptive MFA policy configuration including FIDO2/WebAuthn and hardware token enrollment
- Experience with Okta Universal Directory including AD Agent deployment and profile mastering
Compliance Requirements: this role will be subject to US Federal regulations, therefore:
- Must be a U.S. Citizen or Lawful Permanent Resident (Green Card holder) — U.S. Person
- Ability to obtain and maintain a security clearance or pass a background investigation consistent with CUI access
Preferred Qualifications:
- Experience with Okta for Government High (FedRAMP High) or FedRAMP Moderate environments — strong preference
- Okta Identity Governance (OIG) experience — access certifications, SoD, entitlement management
- Experience federating Okta to Microsoft Entra ID / GCCH as a SAML Service Provider
- Familiarity with CMMC, ITAR, GDPR, SOX, SOC 2 compliance requirements
- Experience with SCIM 2.0 provisioning to downstream applications
- Okta Identity Governance certification (preferred)
The approximate base salary range for this position is $126,887 - $166,127. The total compensation package includes base, bonus, equity, and a range of benefit options found on our career site.
Location: This role is based out of our College Park, Boulder, CO, or Bothell, WA offices, or can be remote in the US.
Travel: Up to 1 week per quarter
Job ID: 1460
Compensation will vary based on individual factors such as education, qualifications, and experience of the final candidate(s), specific office location, and calibration against relevant market data and internal team equity. Posted base salary figures are subject to change as new market data becomes available. Our benefits include comprehensive medical, dental, and vision plans, matching 401K, unlimited PTO and paid holidays, parental/adoption leave, legal insurance, and a home technology stipend. Details of participation in these benefit plans will be provided when a candidate receives an offer of employment.
At IonQ, we believe in fair treatment, access, opportunity, and advancement for all while striving to identify and eliminate barriers. We empower employees to thrive by fostering a culture of autonomy, productivity, and respect. We are dedicated to creating an environment where individuals can feel welcomed, respected, supported, and valued.
We are committed to equity and justice. We welcome different voices and viewpoints and do not discriminate on the basis of race, religion, ancestry, physical and/or mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, transgender status, age, sexual orientation, military or veteran status, or any other basis protected by law. We are proud to be an Equal Employment Opportunity employer.
US Technical Jobs. The position you are applying for will require access to technology that is subject to U.S. export control and government contract restrictions. Employment with IonQ is contingent on either verifying “U.S. Person” (e.g., U.S. citizen, U.S. national, U.S. permanent resident, or lawfully admitted into the U.S. as a refugee or granted asylum) status for export controls and government contracts work, obtaining any necessary license, and/or confirming the availability of a license exception under U.S. export controls. Please note that in the absence of confirming you are a U.S. Person for export control and government contracts work purposes, IonQ may choose not to apply for a license or decline to use a license exception (if available) for you to access export-controlled technology that may require authorization, and similarly, you may not qualify for government contracts work that requires U.S. Persons, and IonQ may decline to proceed with your application on those bases alone. Accordingly, we will have some additional questions regarding your immigration status that will be used for export control and compliance purposes, and the answers will be reviewed by compliance personnel to ensure compliance with federal law.
US Non-Technical Jobs. Due to applicable export control laws and regulations, candidates must be a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum. Accordingly, we will have some additional questions regarding your immigration status that will be used for export control and compliance purposes, and the answers will be reviewed by compliance personnel to ensure compliance with federal law.
If you are interested in being a part of our team and mission, we encourage you to apply!