Available Locations: Lisbon, Portugal.
About the DepartmentThe Identity and Access Management (IAM) team is dedicated to ensuring the secure and efficient management of user identities, access privileges, and authentication mechanisms across internal systems, applications, and data. Our mission is to safeguard the organization against unauthorized access, protect sensitive information, and enable seamless user experiences while adhering to industry best practices and compliance standards.
About the Role
As an Identity and Access Management (IAM) Security Engineer, you will play a crucial role in designing, implementing, and scaling identity and access management solutions for Cloudflare's internal workforce and workloads. You will be responsible for safeguarding our systems, applications, and data by ensuring secure user access, authentication, and authorization mechanisms.
What You'll Do
- Design, build, test, and deploy IAM solutions across authentication, authorization, and accounting
- Leverage Cloudflare products to secure our identities
- Build SSO integrations leveraging SAML, OIDC, OAuth, and SCIM
- Build and manage the Identity Governance and Administration platform
- Develop automated roles leveraging RBAC and ABAC
- Build and manage an access certification platform
- Build and manage a Priviliged Accss Management (PAM) platform
- Provide operational support of IAM systems including an on-call rotation that may include after hours calls
Desirable skills, knowledge and experience
Security engineers take part in a wide variety of tasks and projects in the team. One individual is not expected to know everything, but a working knowledge in several of the following areas is required:
- Strong understanding of identity federation (SAML, OAuth, OpenID Connect, etc.)
- Experience implementing Identity Governance and Administration (IGA) solutions including lifecycle management, SCIM, birthright access (RBAC, ABAC), and access certifications
- Experience with secure configuration of containerized application platforms (e.g. Kubernetes)
- Advanced scripting experience (Python, TypeScript, Bash, etc.)
- Experience implementing Zero Trust controls
- Experience integrating with applications and SaaS solutions
- Experience with Identity and Access Management policy application and enforcement
- Experience working with Identity Threat Detection & Response (ITDR)
- Experience working with infrastructure as code and configuration management tools like Terraform, Ansible, etc.
Top Skills
What We Do
Cloudflare, Inc. (NYSE: NET) is the leading connectivity cloud company on a mission to help build a better Internet. It empowers organizations to make their employees, applications and networks faster and more secure everywhere, while reducing complexity and cost. Cloudflare’s connectivity cloud delivers the most full-featured, unified platform of cloud-native products and developer tools, so any organization can gain the control they need to work, develop, and accelerate their business.
Powered by one of the world’s largest and most interconnected networks, Cloudflare blocks billions of threats online for its customers every day. It is trusted by millions of organizations – from the largest brands to entrepreneurs and small businesses to nonprofits, humanitarian groups, and governments across the globe.
Why Work With Us
Cloudflare employees come from all walks of life. We are mission-driven, and our team is energized by a collaborative, creative environment that celebrates our differences and fosters new ways to grow together.
Gallery
Cloudflare Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
We are committed to developing a global team that is distributed with a flexible working approach. Doing this equitably and inclusively is essential to our success. Visit our careers site for more on 'How & Where We Work.'
