Staff Engineer, Identity & Access Management (IAM)
Recursion
9 hours ago
Remote friendly (Salt Lake City, UT)
United States
IT
In this role, you will:
- Assess current IAM state and revamp IAM strategy across products, platforms, cloud/on-prem infrastructure, and corporate applications to accelerate business outcomes.
- Drive IAM implementation as part of a larger zero-trust security strategy.
- Architect and design cloud-based identity governance, access management, and cloud directory solutions.
- Implement RBAC/ABAC IAM workflows for onboarding and ongoing identity lifecycle management.
- Serve as a technical and strategic advisor to cross-functional teams (IT, security, development) to integrate IAM into broader security architecture.
- Partner with Engineering and IT to ensure products/applications use fine-tuned access privileges and are appropriately risk-managed.
- Establish KPIs, KCIs, and KRIs to measure IAM control effectiveness and enable continuous improvement.
- Partner to ensure regulatory compliance for SOX, GxP, etc.
The experience youโll need:
- Bachelorโs or Masterโs degree in Computer Science, Information Security, or related field.
- 7+ years of experience in Identity & Access Management and related information security domains.
- Deep IAM/security leadership experience delivering large-scale IAM projects in cloud-first and hybrid environments.
- Expertise in one or more programming languages (e.g., Java, C++, Python) as related to IAM.
- Expert experience with enterprise identity administration/governance solutions.
- Expert experience with Adaptive Authentication, OAuth, OpenID, SAML (etc.).
- Expert experience with identity stacks (e.g., Enterprise Active Directory) and cloud IAM products (e.g., Okta, AWS, Azure AD, Duo).
- Expert experience with privileged access management (e.g., Delinea, CyberArk).
- Knowledge of UNIX/Linux, macOS, Windows and database management systems.
- Strong communication and leadership; ability to act as a business systems analyst to elicit technology-agnostic requirements and use cases.
- Continuous improvement mindset and experience with risk management aligned to tolerance and compliance.
- CISSP/OSCP/GWAPT highly desirable.
Working location & compensation:
- Making SLC your home base is ideal; remote work considered with regular on-site visits.
- Estimated annual base range: $180,600โ$212,900. Eligible for annual bonus, equity, and comprehensive benefits package.
- Assess current IAM state and revamp IAM strategy across products, platforms, cloud/on-prem infrastructure, and corporate applications to accelerate business outcomes.
- Drive IAM implementation as part of a larger zero-trust security strategy.
- Architect and design cloud-based identity governance, access management, and cloud directory solutions.
- Implement RBAC/ABAC IAM workflows for onboarding and ongoing identity lifecycle management.
- Serve as a technical and strategic advisor to cross-functional teams (IT, security, development) to integrate IAM into broader security architecture.
- Partner with Engineering and IT to ensure products/applications use fine-tuned access privileges and are appropriately risk-managed.
- Establish KPIs, KCIs, and KRIs to measure IAM control effectiveness and enable continuous improvement.
- Partner to ensure regulatory compliance for SOX, GxP, etc.
The experience youโll need:
- Bachelorโs or Masterโs degree in Computer Science, Information Security, or related field.
- 7+ years of experience in Identity & Access Management and related information security domains.
- Deep IAM/security leadership experience delivering large-scale IAM projects in cloud-first and hybrid environments.
- Expertise in one or more programming languages (e.g., Java, C++, Python) as related to IAM.
- Expert experience with enterprise identity administration/governance solutions.
- Expert experience with Adaptive Authentication, OAuth, OpenID, SAML (etc.).
- Expert experience with identity stacks (e.g., Enterprise Active Directory) and cloud IAM products (e.g., Okta, AWS, Azure AD, Duo).
- Expert experience with privileged access management (e.g., Delinea, CyberArk).
- Knowledge of UNIX/Linux, macOS, Windows and database management systems.
- Strong communication and leadership; ability to act as a business systems analyst to elicit technology-agnostic requirements and use cases.
- Continuous improvement mindset and experience with risk management aligned to tolerance and compliance.
- CISSP/OSCP/GWAPT highly desirable.
Working location & compensation:
- Making SLC your home base is ideal; remote work considered with regular on-site visits.
- Estimated annual base range: $180,600โ$212,900. Eligible for annual bonus, equity, and comprehensive benefits package.