Identity Access Management (IAM) Engineer
At GFiber, we believe in the power of great internet that lets people do more, helps communities get stronger and makes amazing things possible. We’re not just growing to build better internet experiences, we’re also building a welcoming place where people who want to make a difference can grow their careers.
GFiber is an Alphabet company that brings Google Fiber and Google Fiber Webpass internet services to homes and businesses across the United States. Our growing, inclusive team is expanding as we connect more cities and people.
The application window will be open until at least August 9, 2024. This opportunity will remain online based on business needs which may be before or after the specified date.
Are you passionate about building secure and seamless identity experiences for both employees and customers? Do you thrive on the challenge of designing and managing complex identity access management (IAM) platforms? If so, our team is looking for you!
We're a dynamic group of engineers who specialize in Developer experience platforms and IAM. We're responsible for everything from managing DevOps and Cloud infrastructure, our workforce IAM platform and ensuring secure single sign-on (SSO), to developing and maintaining customer-facing IAM solutions that deliver a frictionless user experience.
If you're ready to take your IAM expertise to the next level and make a real impact on a company that puts identity at the forefront of everything we do, join us!
Role Description
As an Identity Access Management (IAM) Engineer, you will be responsible for the security of our company's systems and networks. In this role, you will oversee the implementation of Workforce Identity access management (WIAM) and Customer Identity Access Management (CIAM), including everything for universal directory and access rules, single sign on (SSO), onboarding new employees, setting and enforcing account management policies, debugging problems, and monitoring. You’ll also coordinate with the broader security team to ensure that our security posture is maintained, with audit strategies and post-mortems.
In this role, you'll:
- Lead the configuration and implementation of Workforce IAM and Customer IAM.
- Oversee SSO implementations and ensure it is properly configured and secure.
- Be part of onboarding of new employees to ensure proper training on SSO/MFA usage.
- Set and enforce account management policies.
- Troubleshoot, identify, and resolve access management and Identity problems.
- Coordinate with the larger security team to ensure that our security posture is maintained, with audit strategies and postmortems.
- Partner with security to define strategies for multi-factor authentication (MFA), location-based restrictions, strategy, and policies for logging.
- Partner with Cloud engineering to define cloud operation IAM policies, mapping IAM identities to cloud identities and also SaaS identities.
- Define support strategy and provide multi-tier support for IAM and EAM platform.
- Support Software engineers in developing IAM aware applications.
At a minimum we'd like you to have:
- Bachelor's degree in Computer Science or relevant experience.
- 5 years of experience with identity and access management technology, such as single sign-on (SSO), two-factor authentication, privileged access management, multi-factor authentication (MFA), etc.
- 5 years of hands-on experience with various scripting languages including but not limited to Bash, Python, etc.
- 2 years experience with cloud-based IAM technologies (GCP, AWS, Azure, etc).
- 2 years of experience with the Okta identity platform(s) including managing Workforce IAM and Customer IAM tenants.
It's preferred if you have:
- Master's degree in Computer Science, Management Information Systems, or other technical field, or equivalent practical experience.
- Experience with GCP IAM policy structure.
- Experience with performing IAM audits.
- Experience in deploying a new identity platform from beginning to end.
- Experience with DevOps and automation.
- Experience identifying inefficiencies, gaps, and areas for improvement with ability to enhance overall process efficiency and user satisfaction.
The US base salary range for this full-time position is between $117,000 - $171,000 + bonus + cash award + benefits. As pay varies by location, your recruiter will share more about the specific salary range for your targeted location during the hiring process.
It's important to us to create an accessible, inclusive workplace for everyone. If you have a need that requires accommodation, please let us know by completing our accommodations for applicants form. Our candidate accommodations team will then connect with you to confidentially discuss your options.
Apply now
Resume/CV* .pdf, .doc, or .docx only. Attachments must not exceed 10MB.
LinkedIn Profile
Are you currently or were you previously a GFiber employee, and/or did you support GFiber as a temp or vendor?*
Please select all applicable employment types. If you are a current GFiber full-time employee, please apply through the internal job board at go/gfiber-jobs.
Former Employee, Temp, Vendor, None
Are you currently or were you previously an Alphabet employee, and/or did you support Alphabet as a temp, vendor, contractor (TVC) or intern (not including GFiber)?*
Current Employee, Former Employee, TVC, Intern, None
Work Authorization*
I am authorized to work for any employer in the country in which this position is based. I require, or in the future will require, GFiber's sponsorship to obtain work authorization in the country in which this position is based. My status to work in the country in which this position is based is unknown.
Please review and acknowledge our Candidate Privacy Policy linked below:*
I understand that the information I submit as part of my job application will be used in accordance with Google's Applicant and Candidate Privacy Policy. I consent to the processing of my information as described in that policy including that, in limited circumstances, Google may share my contact information with trusted third parties, to assist in certain phases of the hiring process (such as conducting background checks).
Yes, No
Do you have five (5) years of experience with identity and access management technology, such as single sign-on (SSO), two-factor authentication, privileged access management, multi-factor authentication (MFA), etc?*
Yes, No
Do you have five (5) years of hands-on experience with various scripting languages including but not limited to Bash, Python, etc?*
Yes, No
Do you have two (2) years experience with cloud-based IAM technologies (GCP, AWS, Azure, etc)?*
Yes, No
Do you have two (2) years of experience with the Okta identity platform(s) including managing Workforce IAM and Customer IAM tenants?*
Yes, No
Voluntary Self-Identification
At GFiber, we value belonging and believe in fostering an environment where a diversity of perspectives can thrive. This core value is the North Star of our business and critical to our success. This voluntary self-identification form contains questions that help us comply with our legal obligations, where applicable, and assists us with our voluntary diversity efforts. Your responses will be kept for future applications and you can change them at any time. Please click here to learn more about our Equal Opportunities.
1 Section 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.
#J-18808-Ljbffr