John Mathew, Developer in Dallas, TX, United States

John Mathew

Verified Expert in Engineering

IT Security Developer

Dallas, TX, United States

Toptal member since September 27, 2023

Bio

John has held senior identity and access management (IAM) roles for over a decade. He is skilled with diverse tools like Okta, Azure, and OneLogin. He is an expert in IAM standards like OpenID Connect (OIDC), the Security Assertion Markup Language (SAML), Fast IDentity Online (FIDO), OAuth, and System for Cross-domain Identity Management (SCIM) provisioning. John has experience with Workday, Okta Identity Engine (OIE) upgrades, Jamf device trust, passwordless login implementations, and PIV card integration.

Portfolio

Confidential Client
OKTA, Identity, Identity & Access Management (IAM)
Caliber Home Loans
OKTA, Azure, Identity & Access Management (IAM)
Microsoft
Azure Design, Azure, Identity, Identity & Access Management (IAM)

Availability

Part-time

Preferred Environment

Windows, Okta

The most amazing...

...things I've worked on are complex projects related to Okta passwordless authentication.

Work Experience

Identity and Access Management Engineer

2021 - 2023
Confidential Client
  • Oversaw the company's IAM services, handling everything from support and requirements gathering to development. Evaluated and adopted new technologies, implemented top-notch security protocols, and addressed security audit findings.
  • Designed and implemented processes for managing user identities in Okta Identity Engine (OIE), using HR as a master source, enforcing least privilege access, ensuring seamless user lifecycle management, and establishing role-based access controls.
  • Configured various IAM protocols, including SAML, OIDC, authorization servers, APIs, OAuth, etc.
Technologies: OKTA, Identity, Identity & Access Management (IAM)

Identity and Access Management Engineer

2019 - 2021
Caliber Home Loans
  • Supported over 10,000 users in a multitenant Okta environment, gathering technical requirements and spearheading initiatives to minimize authentication friction while enhancing overall security measures.
  • Configured and supported various applications within the Okta ecosystem, including Office 365, Salesforce, and Adobe.
  • Used tools and technologies, including Okta AD agents, IWA, Radius, Microsoft Identity Manager, SIEM integration, RSA, Citrix, Cisco VPN, and federation, to secure access to the company's network and applications across multiple Okta tenants.
Technologies: OKTA, Azure, Identity & Access Management (IAM)

Azure Cloud Identity Engineer

2019 - 2019
Microsoft
  • Supported identity and access within the Azure identity team, which included handling daily tasks such as troubleshooting complex identity issues, particularly those related to Azure and multi-factor authentication (MFA).
  • Configured and troubleshot issues related to single sign-on (SSO), Azure Virtual Machines (VM), ADFS federation, Conditional Access policies, multi-factor authentication (MFA), Okta, Ping Identity, DUO, SAML, Kerberos, FIDO YubiKeys, and SSL.
  • Configured Azure AD connect for SSO, federation, and Secure Sockets Layer (SSL) certificates.
Technologies: Azure Design, Azure, Identity, Identity & Access Management (IAM)

Cloud Identity Specialist

2019 - 2019
BetterUp
  • Conducted meetings with stakeholders to understand their specific requirements and translated them into a technical solution.
  • Established Workday as the source of truth for the identity system, using it as the master source.
  • Configured Okta lifecycle management to automate user onboarding and offboarding processes across various applications.
Technologies: OKTA, Google Workspace, Slack Development, Identity & Access Management (IAM)

Technology Support Manager

2012 - 2018
Goldman Sachs Personal Financial Management
  • Provided technology support and oversaw identity management at United Capital. This included maintaining various aspects such as cloud services, servers, backups, security measures, desktop systems, firewalls, and phone systems.
  • Managed Okta, overseeing its configuration and implementing automated user provisioning and deprovisioning processes. Collaborated closely with vendors to plan, develop, and test various projects.
  • Configured SAML/OIDC applications to integrate them with Okta. Implemented MFA using Duo for enhanced security. Established security baseline policy and geo-login restrictions.
Technologies: Azure, Identity & Access Management (IAM)

Tech Support Assistant Manager

2007 - 2012
Safe Fleet | Coban Technologies
  • Managed the most complex and high-priority environments. Promoted to assistant manager within the tech support group at Coban due to my exemplary performance.
  • Handled the installation and configuration of Windows servers, including planning, executing, and validating system software upgrades according to established schedules.
  • Collaborated directly with the software development team to address and resolve bugs and performance issues. Assumed technical writing responsibilities, which involved maintaining the user manual for our custom software.
Technologies: Azure, HP Servers, Troubleshooting

Okta Passwordless Solution

Upgraded Okta to OIE and implemented Device Trust version 2, integrating it with Jamf for enhanced device trust capabilities. Additionally, I designed and enforced policies mandating users to sign in to critical applications exclusively from managed devices. Furthermore, I collaborated closely with the MDM team to deploy the Okta Verify desktop, contributing to the implementation of Okta's passwordless solution.

APRIL 2021 - APRIL 2023

Okta Certified Professional

Okta

Tools

Google Workspace, Slack Development

Languages

SAML

Platforms

Azure Design, Windows Development, OneLogin

Storage

Azure, HP Servers

Other

OKTA, Identity, SSO Engineering, Identity & Access Management (IAM), Passwordless Authentication, SCIM, OpenID Connect (OIDC), Troubleshooting
