Senior Information Security Analyst; Okta Admin

Position: Senior Information Security Analyst (Okta Admin)
JR0126328

Senior Information Security Analyst (Okta)– Pune, India

Are you a passionate security professional Are you excited to learn and grow your skills in a strong global cybersecurity team Are you interested in joining a globally diverse financial services organization Then it's time to join Western Union as an Information Security Engineer in Pune.

Western Union powers your pursuit

The Information Security Engineer position will be responsible for the support, administration and integration of our Cloud Identity and Access Management system to include roles configuration, updating the access and creating the policies.

Role Responsibilities

With these projects, your day-to-day activities primarily focuses on integrating applications using SAML
2.0, OAuth 2.0, OIDC.
Troubleshooting the issues using AAA rule Authentication, Authorization and Accountability. Providing Authentication to the applications, Managing Authorization to the resources in the organization based on the roles and Attributes. And monitoring the user activities with okta logs or Splunk logs.
Work on ticketing tool Service Now. Where tickets are created by the users and used to resolve and close the tickets based on the priority and the order we receive. Experience in Adaptive MFA policies for the application based on the organization rules and application requirements which seek permission from security team for approval to update the org MFA policy.
Work on High-Risk applications like PCI, and SOC applications to enable Authentication policies.
Use okta verify, okta fast pass to login without the requirement of entering password for the users.
Provide 24/7 on call support for solving Tickets on a rotating basis with other team members.
Prepare documentation about procedures and KB articles to follow in okta about trouble shooting based on the scenarios we faced and Password rest procedures, MFA reset procedures and used to share on knowledge base.
Experience in integrating OIDC applications using different grant flows.
Configure SPA, Native applications in OIDC and used to create custom auth server for each OIDC apps based on the requirements.
Manage Admin access for the applications and groups.

Provisioning

Provision the users by SCIM to automate the users for real time access to the application directly without creating the user from application side.
JIT provisioning to create the user account instantly in the Azure or Okta portal when the user signs into the application.
With Okta provisioning, we can help automate some of these processes. Okta provisioning can cover the entire user lifecycle, from creating the new user account to updating the user attributes within the account and, when the person leaves the organization or no longer requires access to the account, can even deprovision the account.
It is up to the service provider to determine via their application programming interface or API as to whether or not provisioning capabilities will be available. When adding an application from the Okta Integration Network or OIN, should you want to focus your search to only those applications which do support provisioning, you can use the Supports Provisioning filter located on the left to view only applications which support provisioning features.
So, I have used expression language in okta while creating the groups, Custom attributes, SAML Assertions and also writing the claims for the OIDC applications as per the requirement.

Interaction With Other Teams

Need to collaborate with other IAM teams like AD team, which is our primary user database.
Interact with PKI team for certificate management to the applications. (Venafi, Digi Cert) and with PAM team where we use Cyber Ark for managing Privileged accounts.
Also, with the GRC team to check on the application risk assessment to check whether it is good to move forward with the SSO configuration with the app.

Role Requirements

5-7 years of hands-on experience with Okta development and administration
Strong working experience in SSO protocols (SAML, OIDC, OAuth2)

Experience with MFA implementation and adaptive authentication policies
Proficiency in Java and scripting languages (JavaScript, Python, Bash, or Power Shell)

Experience with Okta Workflows, Okta APIs, and custom Hooks
Solid understanding of IAM concepts, including RBAC, JIT provisioning, and identity federation
Familiarity with directory services (e.g., Active Directory, LDAP, Azure AD)
Experience integrating SaaS and custom applications with Okta
Strong problem-solving and communication skills.
Okta Certified Professional or Okta Certified Developer

Experience with Dev Ops tools and CI/CD pipelines
Knowledge of security frameworks (e.g., NIST, ISO 27001)
Familiarity with cloud platforms like AWS, Azure, or GCP

We make financial services accessible to humans everywhere. Join us for what's next.

Western Union is positioned to become the world's most accessible financial services company —transforming lives and communities. We're a diverse and passionate…