Identity and Access Management (IAM) Engineer

🛡️ Identity and Access Management (IAM) Engineer

The relentless fight against cybercrime is our daily mission. Our Security team is on the frontlines, building a robust defense system with solid security tools and vigilant monitoring. We don’t just react — we proactively engineer a layered security posture with strong processes and training programs to make passive defenses our first line of attack.

Responsibilities:

• Design, develop, implement, and manage identity and access management (IAM) solutions.
• Automate routine tasks to achieve scalable and efficient IAM practices.
• Implement and manage controls to enforce policy (SSO systems, MFA).
• Be responsible for user provisioning and lifecycle management.
• Safeguard our systems, applications, and data by ensuring secure user access, authentication, and authorization mechanisms.

Requirements:

• Extensive experience with IAM and PAM solutions.
• Strong understanding of authentication protocols such as SAML, OAuth, OpenID Connect, LDAP, and Directory services.
• Experience with cloud-based IAM solutions and securing cloud environments.
• Deep understanding of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC).
• Experience with API security and integration of various IAM solutions with enterprise applications.
• Skills with CI/CD tools and integrating IAM solutions into automated deployment pipelines.
• Knowledge of Infrastructure as Code (IaC) tools, such as Terraform.

Bonus points if you:

• Have expertise in Identity Federation and implementing federated identity solutions.
• Can conduct IAM risk assessments and apply effective security measures.
• Are experienced in implementing Zero Trust security models.
• Have hands-on experience with IAM governance tools.
• Are skilled in database management and SQL.
• Are familiar with MDM solutions and securing mobile access.
• Understand network security principles as they relate to IAM.
• Are knowledgeable about industry standards and regulatory requirements like GDPR, ISO 27001, NIST CSF, and CIS Controls.
• Hold certifications such as CCIE Sec, CCIE Ent, CIMP, FCSS SASE, MS-100, CIAM, or CIDPRO.

Benefits:

• Growth and learning opportunities: time dedicated to learning, conferences, online learning platforms, and books for your professional development.
• Health and wellness: we want you to feel and be your best. That's why we offer various benefits, from online workouts, a physical coach and a gym to regular mental health checks.
• Tools of your choice: choose technical equipment and the tools you need to do your best.
• Community and celebrations: get ready for long-lasting traditions such as yearly workation, Friday get-togethers, various team buildings and company celebrations.
• Convenient commuting: traveling from point A to point B can be a pain. That’s why, depending on your unique circumstances, we compensate part of your public transport costs.
• Work-life balance: as a general rule, we work based on a 3+2 hybrid model. And let’s not forget the WFA policy – an opportunity to work from anywhere in the world.
• Premium Surfshark accounts: for you, your family, and friends.
• Gross salary: 2980 - 5790 Eur/month for the Lithuanian market. It may vary depending on your skills, experience, or location.