IT Systems Engineer

Nextdoor (NYSE: NXDR) is the essential neighborhood network. Neighbors, public agencies, and businesses use Nextdoor to connect around local information that matters in more than 340,000 neighborhoods across 11 countries. Nextdoor builds innovative technology to foster local community, share important news, and create neighborhood connections at scale. Download the app and join the neighborhood at nextdoor.com. 

This IT Systems Engineer role is pivotal in designing, building, and maintaining enterprise identity and access management across Okta and integrated SaaS systems. By owning identity governance at scale, including SSO/SCIM integrations, automated employee lifecycle (Joiner/Mover/Leaver), and self-service access workflows, you'll help reduce security risks and improve operational efficiency. Working with stakeholders in Business Technology, People, and Engineering, you'll build event-driven automations, enforce access policies, and maintain SOX/compliance standards through reliable integrations and processes. This work drives strategic growth and supports the company’s digital transformation.

If you excel at resolving complex Okta and identity issues, thrive as the escalation point for IT support, and enjoy building automation that removes friction for employees, this is the role for you. Your work will ensure reliable, secure access to the tools our teams rely on every day, reduce time-to-resolution for critical incidents, and enhance our team's capabilities through better processes, documentation, and mentorship.

Your responsibilities will include: 

• Administer Okta by managing SSO/SAML/OIDC, SCIM provisioning, groups, policies, MFA, and app assignments with clear ownership and audit trails, ensuring security and efficiency that support organizational success
• Design and operate self-service access workflows through Okta Request conditions, including approval routing, compliance tracking, and Jira integration for visibility and auditability
• Build and maintain integrations across People (Workday), identity platforms (Okta), and SaaS applications (Google Workspace, Atlassian) using Okta Workflows, Tray.io, Workato, and API/webhook patterns to automate processes and increase efficiency
• Own end-to-end employee lifecycle automation (Joiner/Mover/Leaver), including provisioning, access grants, and deprovisioning workflows. Document recovery paths for exceptions and verify alignment with the downstream systems
• Implement secure workarounds for SaaS applications that don't support SSO, including service account management, credential governance, and automated deprovisioning
• Serve as the escalation point for complex support and/or access-related issues originating from Level 1/2 helpdesk teams
• Partner with Compliance and Company stakeholders on periodic UARs (access reviews), RBAC tuning, and audit support, using Request Conditions history and ticket linkages

• 3+ years of experience in Okta administration across SSO/SAML/OIDC, SCIM, group mapping, and policies, with a strong understanding of audit/SOX implications and documentation needs
• 5+ years of IT Support experience with escalation management and documentation
• Proven hands-on experience with iPaaS and automation platforms (Okta Workflows, Tray.io, Workato) to implement approval flows, listeners, and provisioning logic tied to event triggers
• Proficiency working with APIs and webhooks to integrate SaaS systems; ability to design workflows with retries and clear error handling paths
• Administration of SaaS apps like Google Workspace, Atlassian (Jira/Confluence), and Slack in an enterprise setting, aligned to identity governance and service management practices
• Clear stakeholder communication mindset and strong project management skills, helping align IT initiatives with business priorities and driving cross-functional impact
• Experience incorporating AI tools (e.g., LLMs like OpenAI, Agents) into everyday processes to improve operational efficiency, empowering you to drive meaningful innovation within the team
• Experience evolving self‑service models to improve user productivity while preserving scope boundaries
• Comfort implementing compliant exceptions when SSO is not supported by a vendor, using owner/service accounts with traceability in Okta logs and downstream automation

• Experience with Okta logging, SIEM monitoring tools (Splunk, etc.), and reporting
• Okta Certified Administrator or Okta Certified Professional/Consultant Certification
• Other IT certifications (Jamf, A+, Network+, Google IT Support, etc.)

Compensation, benefits, perks, and recognition programs at Nextdoor come together to create our total rewards package. Compensation will vary depending on your relevant skills, experience, and qualifications. Compensation may also vary by geography.

The starting salary for this role is expected to range from $120,000 to $130,000 on an annualized basis, or potentially greater in the event that your 'level' of proficiency exceeds the level expected for the role.

We expect to award a meaningful equity grant for this role. With quarterly vesting, your first vest date will take place within 3 months of your start date.

When it comes to benefits, we have you covered! Nextdoor employees can choose between a variety of health plans, including a 100% covered employee only plan option, and we also provide a OneMedical membership for concierge care.

At Nextdoor, we empower our employees to build stronger local communities. To create a platform where all feel welcome, we want our workforce to reflect the diversity of the neighbors we serve. We encourage everyone interested in our mission to apply. We do not discriminate on the basis of race, gender, religion, sexual orientation, age, or any other trait that unfairly targets a group of people. In accordance with the San Francisco Fair Chance Ordinance, we always consider qualified applicants with arrest and conviction records.

For information about our collection and use of applicants’ personal information, please see Nextdoor's Personnel Privacy Notice, found here.