Position Summary

IAM is core to a functioning business and a foundational base on which modern, progressive, technology-focused enterprises are built. As part of the IAM Team, you'll report through Security to drive many of the automation, integrations, and technical strategies that impact how Engineers securely access workloads. 

We are looking for an individual who, when given the opportunity, tends to lean more towards an IAM focus within their career path.

You will be someone looking for greenfield opportunities within AWS IAM and a level of empowerment and support from leadership to enact meaningful change.

Documentation and communication skills are critical, especially in a remote workforce. You will have a firm understanding and comfort with diagraming concepts and organizing your work product and code in Confluence or GitHub. 

Our Identity Access Management team is working on overall Enterprise and Customer Access Management Strategies and Policies, Access Ops, and Access Consulting. Our new areas to conquer will be AWS SSO, Self Serve Automated Provisioning & Logging, Okta/HRIS automation, and ABAC.  

What you'll do

• Play a vital role in the continued development of infrastructure IAM at Marqeta.
• Drive identity orchestration in AWS, using a combination of cloud-native and vendor solutions where appropriate.
• Act as a leading voice and SME for Okta, developing simple tooling where needed and processes to simplify access to infrastructure resources.
• Mentor peers across IT and Security on the identity space, providing cross-team training and supporting career development for more junior engineers.

What we're looking for

• You have worked in a career path that indicates an intrinsic motivation around identity and access management. 
• You have at least 4+ years of experience in an SRE, DevOps, Infrastructure Security, Cloud Security, or equivalent role leveraging AWS.
• Direct experience designing, implementing and scaling AWS identity-based policies, Resource-based policies, AWS SSO, AWS Organizations service control policies (SCPs), and IAM Permission Boundaries.
• You have a solid technical background in implementing "modern authentication" technologies at scale. 
• Have strong opinions around OAuth, SAML, OIDC, and mTLS. 
• Deep experience deploying AuthN and AuthZ solutions leveraging Okta as an IDP.
• Familiarity with low/no-code workflow tooling and its design.
• Experience working in environments with a SaaS-first / cloud-first identity and access management focus.
• Experience with ZeroTrust-based access and, more importantly, the organizational processes required for scalable ZeroTrust to succeed.
• Experience deploying and maintaining certificates as part of a user and device AuthN/AuthZ strategy.
• Strong scripting skills in Python, Ruby, or similar and experience leveraging RESTful APIs to build tools or integrations.

Nice-to-have

• Comfortable working in a high-visibility position, and finds communication/collaboration easy over video chat.
• Experience leveraging Terraform or similar IaC/CAC technologies to manage SaaS infrastructure.
• Experience developing/implementing custom integrations/solutions to enable seamless identity integration into internal application development workflows.
• Experience in Fintech or Financial Services.