IAM Security Engineer
Austin, TX, United States
About the Department The Identity and Access Management (IAM) team is dedicated to ensuring the secure and efficient management of user identities, access privileges, and authentication mechanisms across all company systems, applications, and data. Our mission is to safeguard the organization against unauthorized access, protect sensitive information, and enable seamless user experiences while adhering to industry best practices and compliance standards.
About the Role
As an Identity and Access Management (IAM) Security Engineer, you will play a crucial role in designing, implementing, and managing identity and access management solutions. You will be responsible for safeguarding our systems, applications, and data by ensuring secure user access, authentication, and authorization mechanisms.
A Security engineers work may include reviewing reports from various sources (automated scanners, employee reports, logs, etc.), managing and configuring automated tooling (Terraform, Open Policy Agent, Workers, etc.), building controls to enforce policy (two factor authentication requirements, role based access, etc), creating tools, reports or platforms to support the team's goals.
Desirable skills, knowledge and experience
Security engineers take part in a wide variety of tasks and projects in the team. One individual is not expected to know everything, but a working knowledge in several of the following areas is required:
Strong understanding of identity federation (SAML, OAuth, OpenID Connect, etc.)
Experience with Identity and Access Management policy application and enforcement
Experience designing, implementing, and managing IAM solutions
Experience working with Open Policy Agent
Experience working in DevOps / DevSecOps
Experience working with configuration management tools like Terraform, Ansible, etc.
Experience working with Information Technology platforms and systems
Experience with SaaS security (Google Workspace, Salesforce, Workday, Atlassian, etc.)
Experience in configuration, troubleshooting and maintenance of network security infrastructure (Web content filtering, Firewall, IDS and DLP controls)
Experience with API gateways and API security
Experience with Zero Trust security
Experience in secure configuration of cloud-based storage and data management systems
Experience with secure configuration of containerized application platforms (e.g. Kubernetes)
Advanced programming experience (Python, TypeScript, Bash, etc.)
Compensation
Compensation may be adjusted depending on work location.
For Colorado-based hires: Estimated annual salary of $ 168,000 - $ 206,000
For New York City, Washington, and California (excluding Bay Area) based hires: Estimated annual salary of $ 187,000 - $ 229,000
For Bay Area-based hires: Estimated annual salary of $ 196,000 - $ 240,000
Equity
This role is eligible to participate in Cloudflare’s equity plan.
Benefits
Cloudflare offers a complete package of benefits and programs to support you and your family. Our benefits programs can help you pay health care expenses, support caregiving, build capital for the future and make life a little easier and fun! The below is a description of our benefits for employees in the United States, and benefits may vary for employees based outside the U.S.
Health & Welfare Benefits
Medical/Rx Insurance
Dental Insurance
Vision Insurance
Flexible Spending Accounts
Commuter Spending Accounts
Fertility & Family Forming Benefits
On-demand mental health support and Employee Assistance Program
Global Travel Medical Insurance
Financial Benefits
Short and Long Term Disability Insurance
Life & Accident Insurance
401(k) Retirement Savings Plan
Employee Stock Participation Plan
Time Off
Flexible paid time off covering vacation and sick leave
Leave programs, including parental, pregnancy health, medical, and bereavement leave
#J-18808-Ljbffr