IAM & Security Engineer 3

Summary

Join MongoDB as a Security Engineer and design, implement, and manage security solutions at scale. You will administer and enhance IAM platforms, design SSO and MFA policies, develop RBAC models, and automate identity lifecycle processes. Secure cloud environments across AWS, GCP, and Azure, focusing on IAM policies and access control. Manage MDM platforms and implement device trust policies. Develop security automation workflows and support Splunk SIEM administration. This remote role in Germany requires 3+ years of hands-on experience in IAM, Cloud Security, or Security Engineering and deep expertise in IAM solutions. The position offers a supportive and enriching culture with various benefits.

Requirements

• 3+ years of hands-on experience in IAM, Cloud Security, or Security Engineering
• Deep expertise in IAM solutions such as Okta, AWS IAM, GCP IAM, Azure AD, and identity federation technologies
• Strong understanding of OAuth2, OIDC, SAML, and authentication best practices
• Experience with Infrastructure as Code (Terraform/OpenTofu, CloudFormation) and security automation
• Proficiency in Python, Bash, or PowerShell for scripting and automation
• Experience managing MDM solutions and implementing device security policies
• Familiarity with SIEM (Splunk), endpoint monitoring, and security alerting

Responsibilities

• Identity & Access Management (IAM) & Authentication Security
• Administer and enhance IAM platforms, including Okta, AWS, GCP, and Azure IAM, ensuring secure and least-privilege access
• Design and implement SSO (SAML, OIDC, OAuth2) and MFA policies to strengthen authentication security
• Develop role-based access control (RBAC) models and identity governance workflows to improve access management
• Automate identity lifecycle processes (provisioning, deprovisioning, JIT access) using Terraform/OpenTofu and Python
• Implement security controls for GitHub repository management, ensuring secure CI/CD pipeline access
• Cloud Security & Infrastructure as Code (IaC)
• Secure cloud environments across AWS, GCP, and Azure, focusing on IAM policies, resource permissions, and access control
• Automate security configurations and policy enforcement using Terraform/OpenTofu, CloudFormation, and Python scripting
• Conduct security assessments on cloud services, identifying misconfigurations, excessive permissions, and potential risks
• Support network security solutions, including Cloudflare WARP, VDI access controls, and VPN alternatives
• Endpoint & Device Security
• Manage MDM platforms (JAMF, Workspace ONE, Kolide) and implement device trust policies for macOS, Windows, and Linux
• Automate compliance monitoring and enforce security baselines for corporate and BYOD devices
• Deploy and manage Zero Trust security frameworks, integrating device posture with IAM policies
• Automation, Security Engineering & SIEM
• Develop security automation workflows using Tines, Python, or PowerShell to reduce manual tasks
• Support Splunk SIEM administration, assisting with log analysis, alert tuning, and incident response workflows
• Monitor and respond to IAM and cloud security incidents, conducting root cause analysis and implementing remediation plans

Preferred Qualifications

Certifications like AWS Certified Security, Okta Certified Professional, or CISSP

Benefits

• Employee affinity groups
• Fertility assistance
• A generous parental leave policy