Senior IAM Automation Engineer

WHO WE ARE

Apex Fintech Solutions (Apex) powers innovation and the future of digital wealth management by building tech-forward solutions that help simplify, automate, and facilitate access to financial markets for all. Our robust suite of fintech software enables us to support clients such as Stash, Betterment, SoFi, Webull, and eToro, amongst many others; collectively, Apex powers access to the stock market for over 22+ million end customers.  

 At Apex, we are changing how the securities industry operates by reinventing the status quo, which was manual, slow, and accessible only by the ultra-wealthy. We're digitizing and democratizing systems so that everyone has an opportunity to invest. 

When you're at Apex, you drive this change. You're part of a global team with a clear vision: to be the trusted technology that powers the digital economy. Our offices in Austin, Dallas, Chicago, New York, Portland, Belfast, and Manila are home to over 1,000 employees. 

Together, we’re shaping the future of financial innovation. Embrace change. Solve big. Win together. And be G.R.E.A.T. — grit, results, empathy, accountability, and teamwork — with Apex. 

We’re proud to be recognized for the innovative work we do, the purpose-driven nature of our work, and the collaborative culture we’ve created. Here are just a few of the many awards we’ve recently received: 

Best Places to Work 

2026, 2025, 2024, 2023 - Presented by BuiltIn 

WealthTech of the Year 

2025 - Presented by US FinTech Awards 

The World’s Top 250 Fintech Companies 

2024 - Presented by CNBC 

ABOUT THIS ROLE

We’re seeking a Senior IAM Automation Engineer to transform how Apex manages workforce identity and access management. This role combines DevOps/SRE practices with deep IAM expertise to eliminate manual, UI-based processes and build self-service, API-driven solutions that scale across our hybrid and multi-cloud environment. As a senior technical contributor, you’ll also mentor junior team members and help elevate the team’s overall automation and engineering capabilities.

You’ll focus on workforce identity (employees, contractors, partners) while collaborating with our CIAM team who handles customer-facing identity services. As a technical leader, you’ll drive the implementation of Tines as our strategic automation platform, develop infrastructure-as-code for identity systems, and architect integrations that enable the business to move fast without compromising security.

As IAM evolves with AI adoption, you’ll help lead our response to emerging non-human identity (NHI) challenges, partnering with SecOps to develop governance for AI agents, service accounts, and machine identities. You’ll also leverage AI tools effectively and responsibly in your daily work to accelerate automation development and problem-solving.

This role requires someone who can write production code, architect distributed systems, and translate business requirements into automated solutions, not just configure IAM platforms.

• Lead Tines platform implementation and governance - Define technical standards, architect RBAC models, and build workflows that automate employee lifecycle management, access requests, and certification campaigns. Partner with cross-functional teams to establish Tines as the firm-wide automation platform for workforce identity use cases.

• Build infrastructure-as-code for identity systems - Develop and maintain Terraform, PowerShell, and Python automation across our hybrid infrastructure (on-prem AD/Adaxes, Entra ID, Okta, AWS IAM, GCP/GCI) to enable repeatable, version-controlled deployments with proper change management.

• Design API-driven automation and integrations - Architect scalable solutions that orchestrate identity workflows across HRIS (Workday), ticketing (ServiceNow), collaboration platforms (Slack, Teams, M365), and enterprise applications, leveraging APIs and SDKs to eliminate manual processes.

• Implement observability and self-healing capabilities - Build monitoring, alerting, and automated remediation for identity systems to reduce operational toil, improve reliability, and enable proactive issue detection across authentication flows and provisioning processes.

• Enable rapid application onboarding - Create automation frameworks and integration patterns that allow the business to onboard new SaaS applications with minimal manual intervention while maintaining security and compliance standards.

• Pioneer non-human identity (NHI) governance - Partner with SecOps to develop policies, controls, and automation for managing AI agents, LLM API keys, service accounts, bot identities, and machine-to-machine authentication as AI adoption accelerates across the organization.

• Mentor and develop junior team members - Share your hard-won experience and technical expertise to elevate the team’s capabilities. Conduct code reviews, pair programming sessions, and knowledge transfer that builds automation skills, IAM expertise, and engineering judgment across the team.

• Drive technical innovation in the identity space - Evaluate emerging tools and practices, establish CI/CD pipelines for IAM deployments, and leverage AI-powered development tools (LLMs, code generation, AI assistants) responsibly to accelerate automation delivery and stay ahead of business needs.

• Software development proficiency - 5+ years writing production code (Python, PowerShell, Go, or similar) with strong API and SDK integration experience

• IAM architecture skills - Deep understanding of SSO protocols (SAML, OIDC), provisioning standards (SCIM), directory services (Active Directory, Entra ID), and enterprise IAM platforms (Okta strongly preferred)

• Infrastructure-as-Code mastery - Hands-on experience with Terraform, Ansible, or similar tools, plus CI/CD pipelines for automated deployments

• DevOps/SRE practices - Experience building observable, reliable systems with appropriate monitoring, logging, and incident response capabilities

• Workflow automation platforms - Demonstrated ability to implement and govern low-code/code-first automation tools (Tines, Workato, n8n, or similar)

• Demonstrated hands-on experience with the following:

• Enterprise SSO and IAM (Okta, Entra ID/Azure AD)

• Directory services and management (Active Directory, Adaxes)

• Cloud IAM (AWS IAM, GCP Cloud Identity)

• Workflow automation (Tines preferred, or similar platforms)

• Integrations with HRIS systems (Workday, BambooHR, ADP)

• Problem-solving ability - Experience debugging complex distributed systems, analyzing API integrations, and optimizing automated workflows

• Pragmatic engineering - Balance between perfect and done; build iteratively with continuous improvement

• AI-augmented productivity - Comfortable leveraging AI tools (LLMs, code assistants, AI pair programming) responsibly to accelerate development while maintaining code quality and security

• Forward-thinking security - Interest in emerging IAM challenges like non-human identities, AI agent governance, and machine identity management

• Mentorship and knowledge sharing - Genuine interest in developing junior engineers through code reviews, pairing, and transferring hard-won lessons from production experience

• Technical communication - Document architecture decisions, create operational runbooks, and explain technical concepts to business stakeholders

• Employee experience focus - Understand that internal users are customers; design automation that enables productivity without friction

Required:

• 7-10+ years in DevOps, SRE, or software engineering roles with significant IAM/identity automation focus

• Demonstrated experience building automation solutions for enterprise IAM platforms using APIs, scripting, and infrastructure-as-code

• Track record of implementing workflow automation or orchestration platforms in production environments

• Understanding of both technical IAM implementations and business processes (joiner/mover/leaver, access requests, compliance)

• Experience working in hybrid on-premises and cloud environments

Preferred:

• Experience with Tines or similar low-code automation platforms

• Background bridging Corporate IT and Engineering teams

• HRIS integration experience, especially with Workday

• Familiarity with compliance requirements (SOC1/2, audit trails, access certifications)

• Interest or experience in Non-Human Identity management

• Demonstrated use of AI tools to enhance productivity in automation or infrastructure work

• Active contributions to IAM automation communities or open-source projects

Education:

• Bachelor’s degree in Computer Science, Software Engineering, or related field; degree requirement may be substituted with equivalent years of technical experience

Within your first year, you’ll have:

• Established Tines as the automation platform for workforce identity with documented standards and governance

• Reduced employee onboarding time and access provisioning through automated workflows

• Implemented infrastructure-as-code for critical IAM systems with version control and CI/CD pipelines

• Built self-service capabilities that significantly reduce help desk ticket volume

• Created observability dashboards and automated access certification processes

• Partnered with SecOps to establish initial NHI governance frameworks for AI agents and service accounts

• Demonstrated effective and responsible use of AI tools to accelerate automation development

• Elevated the team’s technical capabilities through mentorship and knowledge sharing, enabling greater autonomy and engineering maturity

• Developed strong partnerships with HR, Enterprise Apps, and cross-functional teams

• Positioned workforce IAM as a technical enabler rather than a bottleneck for the business

We value diverse perspectives and practical experience over perfect résumé matches. If you’re excited about eliminating manual identity processes through automation but don’t check every box above, we encourage you to apply. We’re looking for engineers who understand that workforce IAM is about enabling people, not just managing systems.

​Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Our Rewards

We offer a robust package of employee perks and benefits, including healthcare benefits (medical, dental and vision, EAP), competitive PTO, 401k match, parental leave, and HSA contribution match. We also provide our employees with a paid subscription to the Calm app and offer generous external learning and tuition reimbursement benefits. At AFS , we offer a hybrid work schedule for most roles that allows employees to have the flexibility of working from home and one of our primary offices.

Salary Range

The annual base salary range for this position is noted above. Exact compensation offered may vary depending on job-related knowledge, skills, experience, and office location.

EEO Statement

Apex Fintech Solutions is an equal opportunity employer that does not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, age, disability, veteran status, marital status, or any other protected characteristic. Our hiring practices ensure that all qualified applicants receive fair consideration without regard to these characteristics.

Disability Statement

Apex Fintech Solutions is committed to creating an inclusive and accessible workplace for all candidates, including those with disabilities. We are dedicated to ensuring equal employment opportunities and providing reasonable accommodations to qualified individuals with disabilities. If you require reasonable accommodations to participate in the application or interview process, please submit your request via the Candidate Accommodation Requests Form. We will work with you to provide the necessary accommodations to ensure your full participation in our hiring process.