Roku - Identity Access Management Engineer - Azure/Entra ID

The ideal candidate will have hands-on experience with identity and access management (IAM), securing cloud environments, particularly within the Microsoft ecosystem, and deep expertise in Azure Entra ID.

A strong understanding of IT security best practices, regulatory compliance, and the ability to clearly communicate complex technical concepts are essential.

What youll be doing :

- Support enterprise applications onboarding into Azure Entra ID, including SSO, conditional access, and role-based access control (RBAC).

- Enhance privileged access management and implement scalable monitoring, alerting, and auditability solutions to support a secure, multi-cloud, geo-distributed workforce.

- Design, implement, and continuously improve Rokus Zero Trust Architecture, aligning with NIST SP 800-207 and SP 1800-35 guidance.

- Collaborate with IT, Networking, and Security teams to troubleshoot identity-related issues and support global infrastructure initiatives.

- Identify and implement automation opportunities to streamline IAM operations and reduce manual overhead.

- Integrate security into DevOps workflows, partnering with engineering teams to embed IAM and application security best practices into CI/CD pipelines.

Were excited if you have :

- Excellent communication skills, with the ability to clearly explain technical concepts to both technical and non-technical stakeholders.

- 5+ years of hands-on experience with identity and access management and securing cloud technologies, particularly within the Microsoft ecosystem.

- Advanced knowledge of Azure Single Sign-On (SSO) login methods including OAuth2, OpenID Connect, and SAML, and their integration with enterprise applications.

- Experience onboarding and managing enterprise applications in Azure Entra ID.

- Deep experience with Microsoft Entra ID, including Conditional Access, Identity Governance, and Privileged Identity Management (PIM).

- Familiarity with Microsoft 365 infrastructure: Intune, Exchange Online, Defender, Purview, Sentinel and related services.

- Strong understanding of multi-factor authentication (MFA), passwordless authentication, FIDO, and passkeys.

- Automation and scripting skills using PowerShell, Azure CLI, Microsoft Graph API.

- Working knowledge of Azure services (Function Apps, Logic Apps, Automation Accounts, Resource Groups, etc.

- Experience with AWS; GCP is a plus.

- Solid understanding of SaaS platforms and their identity integration.

- Understanding of Zero Trust Architecture principles.

- Familiarity with IT security frameworks and compliance standards (e.g, NIST, GDPR, SOC 2, PCI DSS, HIPAA).

- Awareness of logging, monitoring, and alerting practices related to identity and access events.

- Basic understanding of email security and DNS.

- Backup and recovery awareness for identity-related services.

- Experience with Azure OpenAI.

- Familiarity with Jira and Confluence.

- AI literacy and curiosity.

You have either tried Gen AI in your previous work or outside of work or are curious about Gen AI and have explored it.

Preferred Skills:

- Practical Linux and networking skills.

- Relevant certifications (Microsoft, AWS, GCP, CISSP, etc.

Benefits

Our comprehensive benefits include global access to mental health and financial wellness support and resources.

Local benefits include statutory and voluntary benefits which may include healthcare (medical, dental, and vision), life, accident, disability, commuter, and retirement options (401(k)/pension).
Our employees can take time off work for vacation and other personal reasons to balance their evolving work and life needs.

It's important to note that not every benefit is available in all locations or for every role.
For details specific to your location, please consult with your recruiter.

The Roku Culture

We try to surround ourselves with people who are great at their jobs, who are easy to work with, and who keep their egos in check.

We appreciate a sense of humor.

We believe a fewer number of very talented folks can do more for less cost than a larger number of less talented teams.

We're independent thinkers with big ideas who act boldly, move fast and accomplish extraordinary things through collaboration and trust.

In short, at Roku you'll be part of a company that's changing how the world watches TV.
We have a unique culture that we are proud of.

We think of ourselves primarily as problem-solvers, which itself is a two-part idea.

We come up with the solution, but the solution isn't real until it is built and delivered to the customer.

That penchant for action gives us a pragmatic approach to innovation, one that has served us well since 2002.