Senior IAM Engineer, IT Engineering

We are looking for a highly motivated IAM Engineer to join the IT Engineering team and provide a world class end user technology experience. You will be responsible for designing, implementing, and maintaining our organization's IAM systems and processes, ensuring the security and integrity of our systems and data by managing user identities, access privileges, and enforcing authentication and authorization mechanisms. Your role will be pivotal in delivering the team's mission to empower Checkout employees to deliver exceptional results efficiently and effectively any time, anywhere.

How you'll make an impact:

• Administration of Checkout's Identity platform, including Okta and our joiner, mover leaver process
• Collaborate with cross-functional teams to gather IAM requirements and translate them into technical designs.
• Ongoing integration of applications to use SSO with Okta, including liaising with application owners to gather requirements and develop integration approaches.
• Develop and maintain user account provisioning and deprovisioning processes.
• Implement automated workflows and approval processes using Okta workflows for user onboarding, role changes, and offboarding.
• Conduct periodic access reviews to ensure adherence to least privilege and separation of duties principles.
• Manage user identities, roles, groups, and access policies across various systems and platforms.
• Establish and enforce access control policies, including role-based access control (RBAC) and attribute-based access control (ABAC).
• Implement and manage device trust and assurance rules within Okta Identity Engine
• Monitor IAM systems and processes for security vulnerabilities, potential threats, and compliance issues.
• Develop and maintain documentation, including policies, procedures, and guidelines related to IAM practices.
• Work closely with our InfoSec team to ensure seamless execution of IAM-related tasks and controls for audits such as PCI DSS, ISO 27001, and SOC 2 Type II.
• Collaborate with the Security Operations team to respond to security incidents and conduct forensic investigations, if required.
• Collaborate with internal stakeholders, including IT teams, application owners, and business units, to understand their IAM needs.
• Provide support and troubleshooting assistance for IAM-related issues and incidents.
• Train end users on IAM practices, tools, and self-service capabilities.

Do you have experience in Terraform?, * Hands-on experience with Okta, including Okta Identity Engine, Okta Org-to-Org, Okta Workflows, and Okta Device Access.

• Strong background in integrating identity applications using protocols such as SAML, OIDC/OAuth, and SCIM.
• Proven expertise in managing platform identity and access controls across cloud environments, including AWS IAM, GCP IAM, and other major platforms.
• Proficiency in scripting and automation using languages like Node.js, Python, or PowerShell, leveraging config-as-code and policy-as-code principles (e.g., Terraform, CI/CD pipelines) to operate consistently at scale.
• Excellent problem-solving and troubleshooting skills, with the ability to resolve complex IAM-related issues efficiently.
• A proactive mindset with a passion for continuous learning and staying ahead of evolving trends, tools, and technologies.
• Strong communication and collaboration skills, with the ability to work effectively across cross-functional teams.
• Experience operating within regulated environments (e.g., Finance, Banking, Insurance), ensuring compliance with standards and frameworks.

We're Checkout.com - you might not know our name, but companies like eBay, ASOS, Klarna, Uber Eats, and Sony do. That moment when you check out online? We make it happen. Checkout.com is where the world checks out. Our global network powers billions of transactions every year, making money move without making a fuss. We spent years perfecting a service most people will never notice. Because when digital payments just work, businesses grow, customers stay, and no one stops to think about why. With 19 offices spanning six continents, we feel at home everywhere - but London is our HQ. Wherever our people work their magic, they're fast-moving, performance-obsessed, and driven by being better every day. Ideal. Because a role here isn't just another job; it's a career-defining opportunity to build the future of fintech., We create the conditions for high performers to thrive - through real ownership, fewer blockers, and work that makes a difference from day one. Here, you'll move fast, take on meaningful challenges, and be recognized for the impact you deliver. It's a place where ambition gets met with opportunity - and where your growth is in your hands. We work as one team, and we back each other to succeed. So whatever your background or identity, if you're ready to grow and make a difference, you'll be right at home here. It's important we set you up for success and make our process as accessible as possible. So let us know in your application, or tell your recruiter directly, if you need anything to make your experience or working environment more comfortable. Life at Checkout.com We understand that work is just one part of your life. Our hybrid working model offers flexibility, with three days per week in the office to support collaboration and connection.