Senior Identity & Access Management Engineer

Multiple Locations

0 year(s)

Job Description
We are looking for a highly motivated and seasoned senior security engineer with a strong focus on identity and access management. This is a hands-on technical role where you would get the opportunity to partner with our InfoSec team to build and deliver secure identity access management solutions across our on-premises and cloud infrastructure. You will partner closely with all engineering teams, IT administrators, site reliability team and compliance analysts to ensure that our IAM strategy is well defined and well-executed. The ideal candidate will have the ability to proactively perform risk assessments, identify and remediate risk-prioritized security gaps in the IAM infrastructure/integrations, and be a trusted advisor to partner teams by providing technical security consultation and participating in the evaluation/selection of IAM tools and services.

General responsibilities
• Partner with our IT and site reliability teams to build a secure and robust identity management strategy experience across the organization by integrating applications, services and platforms that collectively form our infrastructure.
• Research new threat attack vectors in the space of identity management solutions and work with partner teams to remediate identified gaps and vulnerabilities.
• Collaborate with our Security Operations Center to collect adequate telemetry, build abuse detection rules and automation for incident response.
• Participate in the evaluation and selection of tools, technologies, and services necessary to enable and operate a secure IAM solution.
• Provide technical consultation to partner teams on topics related to identity and access management.
• Design and develop policies and processes around identity governance and access management for humans, platforms and services used across the organization.
• Be a strong technical partner to our IT and site reliability teams through clear communication, supporting the execution of the overall IAM strategy across the organization.

Technical competencies
• Knowledge of Cloud Security AWS/GCP.
• Subject matter expertise in identity and access management solutions, preferably in cloud environments, such as GCP/AWS IAM.
• Deep understanding of authentication protocols such as SAML, OAuth, OIDC, OpenID, FIDO2.
• Experience working with tools such as OneLogin or Okta.
• Familiarity with the lifecycle of Identity management (provisioning/de-provisioning), Identity access management techniques (Privileged identity management, just in time access, conditional access) and common cloud services for audits (AWS access analyzer, GCP Security Command Center, etc.).
• Extensive knowledge in administering Active Directory (AD) and group policy (GPO).
• Experience in administering PAM solutions such as CyberArk or Beyond Trust.
• Extensive infrastructure experience with servers, workstations, applications, and network security.
• Experience with Ansible and Terraform automation tools.

Non-Technical Competencies
• Deep technical troubleshooting skills.
• Evangelist for security best practices.
• Ability to translate technical issues into business language for end-users.
• Desired experience working in a fast-paced e-commerce environment with a record of hands-on management of security controls.
• Team Player with proven communication, organizational, and strong interpersonal skills.
• Self-motivated out-of-the-box problem solver with the ability to switch between team projects and self-directed work.
• Able to prioritize and drive to results.
• Intermediate to advanced verbal and written English proficiency.

• Ideally 7 years of progressive IT experience with 4+ years in a cyber security role.
• Degree in Computer Science, Information Security, Information Systems.
• CISSP, CISM, CEH, CISA or other relevant certifications.
• A relevant certification on MS Windows AD administration.
• Amazon Web Services (AWS) or Google Cloud Platform (GCP) security certifications.

About Backcountry

Seek it. Find it. Send it. We help customers seek the perfect gear for their backcountry, find their awe, and send it their way. Through our five brands—Backcountry, Competitive Cyclist, MotoSport, Bergfreunde, and Steep&Cheap—we give our customers the gear, knowledge, and inspiration they need to chase life’s greatest moments. We foster local outdoor communities around the locations of our expanding number of retail stores, and we’re actively creating a more inclusive and equitable outdoors for all through our Diversity, Equity & Inclusion initiatives.

We’re a company of Gearheads and we offer personalized expertise at every level of the organization. This means we curate the best assortment of premium gear and apparel, a premium shopping experience, personalized Gearhead advice, super-fast and accurate fulfillment, and aspirational and informative content.

We take growth and personal fulfillment seriously. For our employees—aka, our Herd—this means career growth potential and the ability to take ownership and make an impact daily. We offer perks like an exceptional gear discount, an annual summer Adventure Contest, summer barbecues, and a pet-friendly office.

When you join the Backcountry Herd, you join a crew that is passionate about their jobs and equally stoked on the outdoors. Pre-dawn skintrack laps are the norm, MTB rides are our lunch break, and you’ll regularly find coworkers hitting the trail together post-work. Benefits are competitive and include medical, dental, vision, and disability & life insurance, paid maternity and paternity leave, 401(k) matching, Flexible Spending or Health Savings Account