
Staff IAM Engineer
Ironclad
full-time
Location Type: Hybrid
Location: San Francisco • United States
Salary
$170,000 - $190,000 per year
About the role
- Support implementation and operations of our Identity Governance & Administration (IGA) platform to ensure employees gain appropriate access for their role, approvals are captured, and access is revoked efficiently upon separation
- Design access control as a security control by defining and enforcing RBAC standards for sensitive systems
- Continuously improve identity controls by reducing standing privileges and hardening authentication policies (SSO, MFA)
- Lead the integration of new SaaS applications into our SSO (Single Sign-On) and MFA (Multi-Factor Authentication) ecosystem, providing security oversight for business systems implementations and operations
- Evolve our corporate device trust program so only compliant devices can access corporate and production systems
- Support endpoint security efforts including security policies, controls, and vulnerability management across macOS and Windows
- Partner with Security Detection & Response to ensure visibility into corporate systems, including development of scripts and integrations as needed
- Partner with Trust & Compliance to streamline or automate evidence collection to support internal and independent audits (e.g., SOC 2)
- Conduct periodic access reviews and audits; investigate and resolve identity- and access-related security incidents
- Design, document, and execute plans to identify gaps and continuously improve access management lifecycle and identity architecture
Requirements
- 4+ years of experience in security-focused software engineering, corporate engineering, IT, and/or program management
- Demonstrated ability to identify risks and vulnerabilities in IT and business systems, balance risk with company priorities, and communicate risk to stakeholders
- Strong understanding of IAM protocols and standards, including SAML 2.0, OIDC, SCIM, LDAP, OAuth, and familiarity with X.509
- Experience with IdP and identity tooling (e.g., Okta, Active Directory, Google Workspace), including defining and enforcing Role-Based Access Control (RBAC) policies and Least Privilege principles across enterprise applications
- Familiarity with endpoint engineering for macOS and Windows
- Software engineering and DevOps proficiency: Python and/or Go, Terraform, GAM scripting, PowerShell scripting, JSON, JavaScript
- Demonstrated experience deploying new IT systems and processes across the organization with high user satisfaction
- Strong analytical and problem-solving skills, attention to detail, and ability to operate independently with a high level of ownership
- Experience with Okta, Salesforce, NetSuite, Workday, GCP, GWP, Microsoft Entra/Azure/Intune, JAMF
- Backend and API testing/experience is a plus
Benefits
- 100% health coverage for employees (medical, dental, and vision), and 75% coverage for dependents with buy-up plan options available
- Market-leading leave policies, including gender-neutral parental leave and compassionate leave
- Family forming support through Maven for you and your partner
- Paid time off - take the time you need, when you need it
- Monthly stipends for wellbeing, hybrid work, and (if applicable) cell phone use
- Mental health support through Modern Health, including therapy, coaching, and digital tools
- Pre-tax commuter benefits (US Employees)
- 401(k) plan with Fidelity with employer match (US Employees)
- Regular team events to connect, recharge, and have fun
- And most importantly: the opportunity to help build the company you want to work at