TL;DR
IAM & Security Engineer 3: Designing, implementing, and operating identity, access, and endpoint security solutions at scale, with an emphasis on improving IAM posture, automating operations, and supporting compliance initiatives. Focus on enhancing IAM platforms, implementing SSO and MFA, maintaining RBAC models, and hardening non-human identities.
Location: Hybrid working model, must be based on the West Coast of the US. US Citizen required.
Salary: $101,000–$198,000 USD
Company
hirify.global empowers customers and people to innovate at the speed of the market by redefining the database for the AI era and offering a globally distributed, multi-cloud database platform.
What you will do
- Operate and enhance IAM platforms including Okta, AWS IAM, GCP IAM, and Azure AD to ensure secure access models.
- Implement and support SSO integrations (SAML, OIDC, OAuth2) and MFA enforcement for internal and third-party applications.
- Maintain and improve RBAC models, groups, and policies, aligning access with business needs and audit requirements.
- Contribute to the identity lifecycle using automation (Terraform/OpenTofu, Python, Tines) to reduce manual effort.
- Assist with hardening non-human identities, focusing on least-privilege and proper key/secret management.
- Collaborate to support FedRAMP High and other regulatory programs by implementing and operating IAM and endpoint controls.
Requirements
- 3–5 years of experience in Identity & Access Management, Security Engineering, or Cloud Security roles.
- Hands-on experience administering and securing Okta for workforce identity.
- Practical experience with IAM in at least one major cloud provider (AWS IAM strongly preferred).
- Good understanding of authentication and authorization standards (OAuth2, OIDC, SAML, modern MFA).
- Exposure to FedRAMP High or Moderate, or similar U.S. public-sector frameworks.
- Experience with scripting or programming (e.g., Python, Bash) to automate IAM or security tasks.
Nice to have
- Experience designing or operating phishing-resistant authentication (e.g., WebAuthn, FIDO2, YubiKey).
- Experience with identity governance and administration (IGA) platforms.
- Familiarity with Tines or other low-code automation tools for security workflows.
- Industry certifications such as Okta Certified Administrator, AWS Associate/Professional.
Culture & Benefits
- Equity and participation in the employee stock purchase program.
- Flexible paid time off.
- 20 weeks fully-paid gender-neutral parental leave.
- Fertility and adoption assistance.
- 401(k) plan and mental health counseling.
- Access to transgender-inclusive health insurance coverage and health benefits.
Be careful: if an employer asks you to log in to their system using iCloud/Google, to send a code or password, or to run code or software, do not do it; these are scammers. Be sure to click "Report" or write to support.