Sr Identity Engineer II
Jeppesen ForeFlight · Austin, TX · 2 wk ago
HybridEngineering$102k–$125k/yrFull-time
Key Responsibilities
- Architect and implement IAM solutions across workforce and customer identity (SSO, MFA, federation, SCIM, RBAC/ABAC).
- Own and evolve our identity platforms (e.g., Okta, Azure AD/Entra ID, Ping, or similar), including integrations via SAML, OAuth 2.0, and OIDC.
- Design and automate identity lifecycle workflows: provisioning, deprovisioning, access reviews, and least-privilege enforcement.
- Lead privileged access management (PAM) and secrets management initiatives.
- Define standards, policies, and best practices for authentication and authorization; review designs for security and compliance.
- Partner with security teams on threat modeling, incident response, and audit/compliance efforts (SOC 2, ISO 27001, etc.).
- Mentor engineers and serve as the subject-matter expert on identity across the organization.
Required Qualifications
- 6+ years in engineering, with 4+ years focused on IAM or identity-related security.
- Deep expertise with SAML, OAuth 2.0, OIDC, SCIM, and federation protocols.
- Hands-on experience with at multiple major IdP (Okta, Entra ID, Ping, ForgeRock, AD).
- Strong scripting/automation skills (Python, Go, PowerShell, or similar) and IaC (Terraform).
- Solid understanding of cloud IAM (AWS, Azure, or GCP) and zero-trust principles.
Preferred Qualifications
- Experience with PAM and secrets management tooling (CyberArk, HashiCorp Vault).
- Familiarity with compliance frameworks (SOC 2, ISO 27001, FedRAMP).
- Relevant certifications (Okta Certified, CISSP, AWS/Azure security).