The Identity & Access Engineering team is responsible for building solutions to effectively orchestrate user account lifecycles, ensure seamless authentication for internal and external applications, and facilitate user access requests. We lean heavily on automation to create scalable solutions that help the CyberSecurity team fulfil its mission of security by design. We're currently looking for an innovative and creative Engineer to help our team build new services focused on automation and maintain and improve current solutions. This role will also be responsible for helping grow our systems according to industry standards and best practices. On top of being an excellent developer, our ideal candidate is most effective in a fast-paced collaborative environment, delights in new problem areas, and is driven by curiosity and a creative spirit.

Responsibilities :

- Build and maintain Identity and Access automation tooling to create improved experiences for developers and business teams that require authentication and authorisation in their applications.

- Support and implement improvements across the entire IAM technology stack, including technical flows that support lifecycle processes, data and access governance, alerting and monitoring, group orchestration, and event publishing.

- Support new and existing integrations with our core.

- Identity platforms and services (SailPoint IdentityNow & Okta).

- Stay abreast of IAM industry best practices and new solutions (including open source and off-the-shelf products) to help improve our patterns and tech stack.

Requirements :

- 2+ years of experience developing and maintaining scripts, preferably written in one of PowerShell, Python, or JavaScript, focused on automating SOPs and maintaining data consistency across multiple directories.

- Additional experience in at least one other core web language or common scripting language, e. g. PowerShell, Python, Java, JavaScript, TypeScript, Go.

- Thorough understanding of RESTful APIs and authenticating and authorising against them.

- Understanding of distributed systems, microservices architecture, and related technologies.

- Comfortable with DevOps principles, e. g. version control systems, such as GIt, and CI/CD pipelines.

- Hands-On experience writing SQL queries and interacting with REST and GraphQL APIs.

- Experience using Hashicorp stack (Terraform & Vault), Elastic Stack (Kibana & Elasticsearch), and Docker.

Nice to have :

- Comfortable with the subject matter of Identity & Access Management, e. g. common access control mechanisms (RBAC, ABAC, PBAC), PKI, User Lifecycle patterns, Principle of Least Privilege, LDAP, authentication frameworks (OIDC, SAML), SCIM, OAuth, etc.

- Broad familiarity with a wide range of IAM and IGA systems. Examples : Okta, Ping, Keycloak, Saviynt, and SailPoint.

- Broad familiarity with a wide variety of IT and Infrastructural systems to help facilitate integrations. Examples : ServiceNow, Jira, Active Directory, Google Cloud Platform, Workday, etc.