Senior IAM Security Engineer

Summary

Join Pomelo Care's growing information security team as a Senior IAM Security Engineer. You will play a pivotal role in designing, implementing, and scaling IAM solutions to protect our systems and data. This role requires a deep understanding of IAM technologies and best practices, and you will collaborate with cross-functional teams. You will develop and implement IAM strategies, design and implement IAM solutions, and architect and deploy IAM infrastructure. You will also leverage Okta as the corporate IDP and build SSO integrations. This position offers a chance to contribute to a mission-driven startup and make a real impact on improving care for moms and babies.

Requirements

• Bachelor’s degree in Information Technology, Computer Science, or a related field
• 7+ years of experience in baseline technology functions such as information security, IT, software engineering or system administration (implementation, configuration, and coding) with 3 to 5 years of that experience administering IAM systems and procedures
• Strong developer experience with APIs, scripting and web services (bash, shell, Java, JavaScript, Python, REST, etc.) to implement custom integrations and automation of system administrator tasks
• Deep knowledge of IAM protocols and technology (SSO, OAuth, OIDC, SAML, SCIM, MFA, PAM, etc.)
• Experience implementing Identity Governance and Administration (IGA) solutions including lifecycle management, SCIM, birthright access (RBAC, ABAC), just-in-time (JIT) provisioning, and access certifications
• Experience implementing Zero Trust principles
• Security-minded approach and experience developing multi-layered and auditable system controls, integrations, processes, and procedures
• Excellent leadership, communication, and interpersonal skills
• Demonstrated ability to simplify complex systems and implement clean, efficient architectures

Responsibilities

• Develop and implement an IAM strategy that aligns with our company goals and objectives
• Provide leadership and direction on all IAM-related matters
• Understand Business Requirements and Security Risks. Collaborate with stakeholders to comprehend business objectives, assess security risks, and design scalable IAM solutions that align with organizational needs. Develop and implement policies and procedures to mitigate identified risks. Ensure compliance with relevant laws, regulations, and industry standards (e.g., HIPAA, CCPA/CPRA, PCI, SOX)
• Design and Implement IAM Solutions. Develop comprehensive IAM strategies that address both current and future security requirements, ensuring alignment with business goals, regulatory standards
• Architect and Deploy IAM Infrastructure. Lead the design, testing, and deployment of IAM solutions across authentication, authorization, and accounting, ensuring they are scalable and resilient. Ensure the accuracy and integrity of identity data across systems including integration with upstream and downstream applications
• Collaborate with IT, HR, legal, and other departments to address IAM needs and concerns. Communicate IAM updates, policies, and procedures to all employees. Serve as the primary point of contact for IAM-related matters
• Leverage Okta as the corporate Identity Provider (IDP). Utilize Okta to secure identities, streamline user management, and integrate with other security tools and systems
• Help build SSO Integrations across all systems and applications. Design and implement Single Sign-On (SSO) integrations using SAML, OIDC, OAuth, and SCIM to enhance security and user experience. Ensure proper user provisioning, de-provisioning, role management and device authorizations
• Develop and Manage Identity Governance and Administration (IGA). Create and manage the IGA platform, incorporating processes and workflows for birthright access, Just-In-Time (JIT) provisioning, and access certification. Provide management for Privilege Access Management (PAM) and oversight for Non Human Identities (NHI)
• Automate Role Management. Develop and maintain automated role-based (RBAC) and attribute-based (ABAC) access controls to ensure efficient and secure access management
• Provide Operational Support for IAM Systems. Ensure the continuous, reliable operation of IAM systems, addressing issues promptly to maintain security and efficiency including in the areas of Consumer Identity Verification
• Monitor and audit access to systems and data to ensure compliance with policies

Preferred Qualifications

• Advanced degree
• Relevant certifications (e.g. CISSP, CISM)

Benefits

• Competitive healthcare benefits
• Generous equity compensation
• Unlimited vacation
• Membership in the First Round Network (a curated and confidential community with events, guides, thousands of Q&A questions, and opportunities for 1-1 mentorship)