TL;DR

Senior IAM & Security Engineer (AI): Designing, implementing, and managing identity, access, and endpoint security solutions at scale, with an emphasis on secure, least-privilege, and scalable access models for human and non-human identities, including agentic AI systems. Focus on architecting SSO, RBAC, identity governance workflows, and securing multi-cloud environments.

Location: We are looking to speak to candidates who are based on the East Coast of the US for our hybrid working model.

Salary: $118,000–$231,000 USD

Company

MongoDB is a product company that provides a unified database platform for the AI era, enabling customers to innovate with software and offering a globally distributed, multi-cloud database platform, MongoDB Atlas.

What you will do

  • Lead administration and enhancement of IAM platforms, including Okta, AWS IAM, GCP IAM, and Azure AD.
  • Architect and implement SSO and authentication solutions (SAML, OIDC, OAuth2, MFA).
  • Design and continuously improve RBAC, access models, and identity governance workflows.
  • Define and standardize patterns for non-human identity lifecycle and access, including agentic AI systems.
  • Automate complex identity lifecycle processes using Terraform/OpenTofu, CloudFormation, Python, and Tines.
  • Secure multi-cloud environments (AWS, GCP, Azure) from an identity and access perspective.
  • Manage and improve endpoint security posture and device trust controls, integrating signals into IAM and Zero Trust decisions.
  • Support FedRAMP High and other regulatory/compliance programs by implementing required IAM and endpoint controls.
  • Monitor, investigate, and respond to IAM and cloud security incidents.

Requirements

  • At least 5 years of experience in Identity & Access Management, Security Engineering, or Cloud Security roles.
  • Demonstrated experience working in or supporting FedRAMP High or Moderate environments, or equivalent U.S. public-sector frameworks (e.g., FISMA, StateRAMP).
  • Subject matter expertise in securing workforce identity and access at scale using platforms such as Okta, AWS IAM, GCP IAM, and Azure AD.
  • Strong understanding of authentication and authorization in modern environments, including OAuth2, OIDC, SAML, and MFA.
  • Deep experience designing and operating RBAC models, access patterns, and identity governance workflows.
  • Experience securing non-human identities, including agentic AI systems, lifecycle management, and least-privilege access design.
  • Strong experience with infrastructure-as-code, such as Terraform/OpenTofu and CloudFormation, in AWS and at least one additional cloud provider (Azure or GCP).
  • Experience using scripting languages such as Python and Bash and low-code automation tools such as Tines.
  • Experience using Datadog (or similar observability / SIEM platforms) for security logging, alerting, and incident investigation.
  • Ability to perform security and access reviews, identify gaps, and recommend pragmatic controls.
  • Must be a US citizen.

Nice to have

  • Experience designing and operating phishing-resistant authentication (e.g., WebAuthn, FIDO2, YubiKey).
  • Experience with identity governance and administration (IGA) platforms.
  • Experience with Zero Trust architectures, particularly integrating device posture, network controls, and IAM policies.
  • Experience managing MDM platforms (Jamf, Workspace ONE, Kolide) and implementing device trust models.
  • Experience with security incident response focused on identity, access, and endpoint security events.

Culture & Benefits

  • Committed to developing a supportive and enriching culture for all employees.
  • Provides employee affinity groups, fertility assistance, and a generous parental leave policy.
  • Offers flexible paid time off, 20 weeks of fully paid gender-neutral parental leave, and a 401(k) plan (applicable to U.S.-based candidates).
  • Provides mental health counseling and access to transgender-inclusive health insurance coverage (applicable to U.S.-based candidates).
  • Committed to providing necessary accommodations for individuals with disabilities.