Security Engineer, IAM

3 days ago

Boston, MA, USA

Mid Level / Senior

H1B Sponsor

Base Salary

$130k - $170k/yr

Responsibilities

Implement authentication and authorization controls across SaaS platforms and cloud infrastructure.
Configure and maintain SSO, MFA, and conditional access policies.
Assist in the evolution of SSO, MFA, and zero trust access models.
Design and enforce RBAC and ABAC models across cloud and SaaS systems.
Validate identity provider integrations and assist with application onboarding.
Partner with Engineering to secure application authentication flows and API access.
Harden identity provider configurations and manage lifecycle processes.
Support AWS IAM security and manage cross-account access.
Implement privileged access and identity lifecycle controls.
Secure APIs and service accounts used in automation workflows.
Improve identity monitoring and detection capabilities.
Support identity-related audits and control validation.
Contribute to incident response efforts involving identity compromise.

3+ years of experience in IAM engineering or identity architecture.
Hands-on experience with enterprise identity providers like Okta or Azure AD.
Strong understanding of authentication and authorization protocols such as SAML and OAuth 2.0.
Experience designing and implementing RBAC and/or ABAC models in cloud environments.
Strong knowledge of AWS IAM and cloud identity federation.
Experience securing APIs and CI/CD authentication workflows.
Familiarity with privileged access management concepts.
Experience automating IAM tasks using scripting or infrastructure-as-code tools.
Familiarity with identity threat detection methodologies.
Bachelor’s degree in Computer Science, Cybersecurity, or related field; relevant certifications are a plus.

AWSPythonTerraform