About Agoda

At Agoda, we bridge the world through travel. Our story began in 2005, when two lifelong friends and entrepreneurs, driven by their passion for travel, launched Agoda to make it easier for everyone to explore the world.  

Today, we are part of Booking Holdings [NASDAQ: BKNG], with a diverse team of over 7,000 people from 90 countries, working together in offices around the globe. Every day, we connect people to destinations and experiences, with our great deals across our millions of hotels and holiday properties, flights, and experiences worldwide.

No two days are the same at Agoda. Data and technology are at the heart of our culture, fueling our curiosity and innovation. If you’re ready to begin your best journey and help build travel for the world, join us.

Role Overview:

We are looking for a hands on Identity Security Engineer to design, build, and operate Okta platform. This role owns the implementation and evolution of Okta Identity Governance, lifecycle automation, and identity centric security controls across the enterprise.

Key Responsibilities:

• Okta Identity Governance (OIG) & Lifecycle: Design and deploy Okta Identity Governance modules, including Access Requests, Certifications, and Entitlement Management.
• Develop and maintain custom workflows and policies within Okta IGA to enforce Segregation of Duties (SOD) rules during provisioning and access requests
• Design access certification campaigns and remediation workflows to satisfy audit requirements.
• Okta Platform Engineering: Manage Okta organization architecture (Groups, Rules, Policies) using Infrastructure-as-Code (Terraform) to ensure version control and reduce drift.
• Build and maintain Okta Workflows for lifecycle automation, custom notifications, and advanced logic beyond native features. Implement and enforce Multi-Factor Authentication (MFA) policies, Risk-Based Authentication, and Global Session Policies.
• Automation & Integration: Develop automation using Okta APIs, Event Hooks, and Workflows. Integrate Okta OIG with downstream applications for seamless provisioning.
• Partner with Detection Engineering to ingest Okta System Logs into the SIEM for threat monitoring.
• Governance, Risk & Compliance: Partner with GRC and Audit teams to support SOX, NIST requirements.
• Ensure identity controls are measurable, auditable, and enforced consistently.

Required Skills & Experience:

• 6+ years of hands-on experience operating Okta in a production environment.
• Experience with Okta Identity Governance (OIG): Setting up Access Requests, Review Campaigns, and Entitlements.
• Experience with Terraform (specifically the Okta Provider) for managing configuration as code.
• Ability to write scripts in Python or JavaScript/TypeScript for custom API integrations.

• Agoda Careers https://careersatagoda.com
• Facebook https://www.facebook.com/agodacareers/
• LinkedIn https://www.linkedin.com/company/agoda
• YouTube https://www.youtube.com/agodalife

Equal Opportunity Employer 

At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy.

Disclaimer

We do not accept any terms or conditions, nor do we recognize any agency’s representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.