IAM / Workplace Senior Engineer

We are looking for a Workplace Engineering Specialist (OKTA) to lead the digital ecosystem enabling our employees to work effectively anywhere in the world.

In this role, you will be the technical expert on Okta, responsible for identity strategy, user lifecycle automation and access security.

The Digital Department Workplace pilots the digital ecosystem enabling our employees to work effectively anywhere in the world.

As a member of the Workplace Engineering Team and reporting to the Workplace Engineering Lead, the Workplace Engineering Specialist (OKTA) will design, implement, and manage secure identity and access solutions for new subsidiaries and environments, while managing existing sites to ensure they comply with IT standards and utilize up-to-date infrastructure.

This role involves a deep understanding of Tech issues and requirements, as well as identity and access management (IAM) challenges and stakes. It requires the ability to quickly understand stakeholders and adapt to a multi-cultural environment while updating project sponsors. One of the main responsibilities is to anticipate technical constraints, define IAM frameworks (especially around OKTA), and oversee methodologies to ensure successful, on-time, and on-budget delivery, ensuring consistency and alignment with industry standards across all sites.

Key Responsibilities

• Lead Okta Architecture & Identity Management: Drive the design and implementation of our Okta federation strategy (SAML, OIDC), including advanced authentication policies (MFA, Adaptive MFA) and robust SCIM provisioning/deprovisioning. Leverage Okta Workflows, Inline Hooks, and Event Hooks to build scalable, automated identity lifecycle processes.
• Pioneer Cloud-Native Identity: Be a key contributor to the decommissioning of our on-premises Active Directory, accelerating the transition to a secure, modern, cloud-only architecture.
• Strengthen Security and Governance: Define and enforce identity governance policies (OPA), securely manage non-human and service accounts, and actively collaborate with Security/Platform teams to implement our Zero Trust model and conditional access policies.
• Ensure Compliance and Excellence: Produce high-quality technical documentation for audits and compliance, while also managing critical infrastructure components like 802.1X radius.
• Enable Business and Growth: Act as the subject matter expert (Level 3 support) for all authentication and access issues, support business teams in seamless application integration via Okta SSO, and mentor team members to elevate the team's overall expertise in identity and access management.
• Contribute to Collaboration Ecosystem: Participate in the administration and optimization of the Google Workspace environment, complementing the core identity function., * Tailor-made training and coaching program
• Remote working policy
• A wellness program "Pauses" with many activities and animations in-house
• Access to Eutelmed, a digital mental health and well-being platform that allows you to speak with an experienced psychologist
• A healthy and eco-responsible company restaurant
• Individual or family health insurance
• CSE benefits
• A rooftop
• A gym with free classes

SING IN HARMONY

• Ambassador program: an employee volunteering initiative dedicated to all Believers interested in having a positive impact on Diversity, Equity & Inclusion (DEI), wellbeing and the planet.
• Implementation of the sustainable mobility package "Forfait mobilité durable" => Reimbursement of up to 600€ for public transport/low carbon footprint
• 5 calendar days 2nd parent leave with 100% pay (in addition to the legal paternity or adoption leave)

Essential technical skills

• Okta: Okta (Professional or Associate certification required, Administrator recommended)
• Mastery of fundamental concepts: Applications, Universal Directory, Groups, Policies, Flows
• Protocols: SCIM 2.0, SAML 2.0, OAuth 2.0 / OIDC
• Automation:Inline Hooks, Event Hooks, Okta Workflows (Low-Code)
• Cloud & SaaS : Google Workspace, Microsoft 365 / Entra ID AD, SharePoint
• Scripting : PowerShell, Python, or JavaScript for automation
• IaC : Terraform / IaC for managing Okta configurations (okta provider)

Additional skills appreciated

• Language : Fluent in French and English (any other language is a plus)
• Experience with JumpCloud, Jamf Connect or equivalent MDM
• Experience administering Google Workspace and Microsoft 365 environments
• HashiCorp Vault Experience for Secrets Management
• Culture DevOps / GitOps (Git, CI/CD, …)

Soft Skills

• Technical rigor and ability to produce high-quality documentation
• Autonomy and proactive approach in an international environment
• Excellent interpersonal skills for working with multicultural teams and external partners
• Pedagogical skills to support users and business teams, and the ability to simplify key workplace concepts

Believe is a global artist development company. We empower local artists, labels and publishers to grow their audiences at each stage of their careers with expertise, respect, fairness and transparency. Operating in 50+ countries, with more than 2,000 employees, Believe offers a full range of services including audience development, publishing, marketing and distribution, with a tailor-made approach to fit any artist, label or publisher. Believe champions independence and innovation through a unique model that combines local expertise with a global tech platform, delivering exclusive solutions for artists to promote and monetize their music thanks to strategic partnerships with leading global digital service providers. With a leading portfolio of brands that includes Nuclear Blast, naïve, TuneCore, Groove Attack, Sentric, AllPoints and Byond, Believe artists generated more than 800 billion streams worldwide in 2024 across all genres, and were recognized with more than 70 leading industry awards. Believe is a simplified joint-stock company under French law. Ready to set the tone with Believe ?, At all stages of their careers, Believers are an important part of what we are doing: shaping the future of the music industry. We need teams that truly reflect the diversity of our clients: our international presence is an inspiring and enriching work environment for each one of us, with daily opportunities to connect with our colleagues all over the world. We have two hearts at Believe - our People and our Artists. We believe in THE POWER OF OUR PEOPLE, who grow every day to develop their potential… We aim to provide our Believers with the best environment to thrive.