Senior Identity and Access Management Engineer
Chobani
full-time
Posted on:
Location Type: Office
Location: New York City • New York • United States
Visit company websiteExplore more
Salary
💰 $105,500 - $196,500 per year
Job Level
Tech Stack
About the role
- Design, implement, and maintain secure SSO integrations for SaaS and on-prem applications using SAML, OIDC, and OAuth2
- Lead the automation of user provisioning and deprovisioning workflows via Entra ID and SCIM-based integrations
- Develop and manage access reviews, entitlement management, and least-privilege policies using Microsoft Entra and Azure AD Identity Governance
- Implement and maintain conditional access policies, MFA configurations, and group-based access controls
- Collaborate with application owners and security teams to ensure consistent identity lifecycle management across hybrid cloud environments
- Design, implement, and operationalize enterprise PKI infrastructure
- Enhance and automate certificate enrollment, renewal, and revocation workflows across servers, applications, and end-user devices
- Integrate certificate-based authentication (CBA) with identity platforms and endpoint management systems
- Develop policies and processes for credential issuance, rotation, and lifecycle management
- Support audit and compliance requirements related to certificate and credential management
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience)
- 5–8 years of experience in IAM engineering or related security infrastructure roles
- Deep knowledge of Microsoft Entra ID (Azure AD), identity protocols (SAML, OIDC, OAuth2), and lifecycle management best practices
- Experience implementing Entra ID Identity Governance features (access reviews, entitlement management, PIM)
- Strong expertise with PKI technologies (Microsoft ADCS, cloud-based CAs, HSM integration, CRLs, and certificate automation)
- Familiarity with modern credential management tools (e.g., Venafi, Keyfactor, HashiCorp Vault, or Azure Key Vault)
- Hands-on scripting experience (PowerShell, Python, or similar) for automation and API integrations
- Working knowledge of security and compliance standards such as NIST, ISO 27001, and Zero Trust Architecture
Benefits
- medical, dental, vision coverage
- 401K match
- short- and long-term disability coverage
- health savings accounts
- flexible spending accounts
- tuition reimbursement
- health care navigation
- mental health services
- fertility assistance
- paid parental leave
- 120 hours of PTO
- 11 Holidays each year
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
SAMLOIDCOAuth2Entra IDSCIMAzure ADPKIPowerShellPythoncredential management