StaffSecurityEngineer

## Accountabilities Define and lead the technical architecture for enterprise identity and access management systems, including identity lifecycle, entitlements, privileged access, and federation models. Design and evolve secure authentication and authorization systems using protocols such as OAuth, OpenID Connect, and SAML. Drive large-scale identity platform transformations, including migrations, system consolidations, and phased cutover strategies with strong focus on reliability and reversibility. Architect and enforce least-privilege and just-in-time access models across production systems and developer infrastructure. Own operational excellence for IAM services, including reliability, observability, on-call support, incident response, and postmortem leadership. Improve system resilience through better testing, deployment safety, rollback strategies, and automated validation frameworks. Collaborate with infrastructure and security teams to integrate identity services with cloud platforms such as AWS, Azure, or GCP. Lead technical design reviews, set engineering standards, and ensure consistency across identity-related services. Mentor senior engineers and influence engineering practices across security and infrastructure domains. Contribute to building scalable APIs and systems designed for programmatic and agent-driven access workflows. Requirements: 7+ years of experience in software engineering or security engineering, building and operating production-grade distributed systems. Strong programming background in at least one modern language such as Go, Java, Python, C++, or Rust. Deep expertise in identity and access management systems, including directory services and enterprise identity platforms such as Okta and Microsoft Entra ID. Proven experience designing and operating authentication and authorization systems at scale in cloud environments. Hands-on experience leading or contributing to large-scale identity migrations or IAM platform consolidations. St