Identity & SaaS Platform Engineer

As a Senior IAM & SaaS Engineer, you will be a key contributor to a specialized technology team, driving the security and lifecycle management of a complex and rapidly evolving digital ecosystem. Reporting to the Director of Technology, you will bridge the gap between high-level architectural vision and hands-on technical execution. Your primary focus will be designing and maintaining robust identity governance frameworks, automating provisioning workflows, and ensuring seamless, secure access across a global SaaS and AI portfolio.

This is a high-impact role where you will tackle complex integration challenges, from refining SSO and MFA protocols to implementing least-privilege access controls. You will play a critical role in strengthening the organization's security posture while enabling a frictionless user experience. In close collaboration with DevOps, Security, and cross-functional stakeholders, you will help modernize the identity stack, mentor team members, and influence tooling and integration decisions that support long-term scalability and compliance., * Architect and implement scalable IAM solutions, translating high-level strategies into automated identity lifecycle workflows (Joiner, Mover, Leaver)

• Serve as a technical lead for the SaaS ecosystem, ensuring applications are integrated via SSO (SAML/OIDC) and provisioned through SCIM-based automation
• Design, implement, and enforce security controls including Conditional Access policies, Zero Trust principles, and regular access reviews
• Partner with cross-functional teams to standardize IAM patterns, contribute to sprint-based delivery, and support on-call escalation as needed
• Evaluate, test, and onboard new SaaS tools, ensuring alignment with security, compliance, and operational standards
• Develop and maintain technical documentation for IAM configurations, integrations, and workflows
• Drive adoption of intelligent automation and orchestration across identity and SaaS workflows to minimize manual intervention and improve operational efficiency
• Mentor junior engineers and provide technical leadership across IAM and SaaS initiatives

• 5+ years of experience in Identity & Access Management, with a strong focus on SaaS environments
• Deep expertise in authentication and provisioning protocols including SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), and SCIM
• Hands-on experience with enterprise identity platforms such as Okta, Azure AD (Entra ID), or Ping Identity
• Strong scripting and automation skills (Python, PowerShell, or Go) and experience with Infrastructure as Code tools such as Terraform
• Proven experience managing and integrating enterprise SaaS applications (e.g., Slack, Zoom, Salesforce, GitHub)
• Strong understanding of security frameworks including least privilege, Zero Trust, and identity governance
• Ability to communicate complex technical concepts and risks to non-technical stakeholders and collaborate effectively across teams.
• Regular, on-site attendance at the workplace a minimum of 3 days per week is an essential function of the position. Selected candidate must be able to reliably meet this requirement.

NICE TO HAVE, BUT NOT A DEALBREAKER

• Experience supporting AI-enabled tools and platforms within a SaaS environment
• Familiarity with compliance frameworks such as SOX, SOC 2, or ISO 27001
• Experience with identity governance and administration (IGA) tools
• Background in vendor management and SaaS procurement processes
• Experience working in large-scale media, entertainment, or technology organizations
• Familiarity with applying AI/automation to operations, access reviews, or anomaly detection

#Ll-CC1

Pursuant to state and local pay disclosure requirements, the pay rate/range for this role, with final offer amount dependent on education, skills, experience, and location is $143,000.00-170,000.00 annually. This role is also eligible for an annual discretionary bonus, various benefits, including medical/dental/vision, insurance, a 401(k) plan, paid time off, and other benefits in accordance with applicable plan documents. Benefits for Union represented employees will be in accordance with the applicable collective bargaining agreement.