Senior IAM Engineer - FedRAMP

Rubrik
Pierre, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 272K

Job location

Remote
Pierre, United States of America

Tech stack

Microsoft Access
API
Amazon Web Services (AWS)
Data analysis
Application Integration Architecture
Computing Platforms
Automation of Tests
Azure
Software as a Service
Cloud Computing
Cloud Computing Security
Computer Security
Data Security
Identity and Access Management
Key Management
Network Security
OAuth
OpenID
Oracle Applications
Password Management
Role-Based Access Control
Openid Connect
Azure
Zero Trust Network Access
Security Assertion Markup Language (SAML)
Systems Integration
User Provisioning Software
Virtualization Technology
Software Vulnerability Management
Privacy Controls
Policy as Code
Data Logging
Google Cloud Platform
Cloud Platform System
Okta
Cyberark
Customer Identity Access Management
SailPoint
Terraform

Job description

Rubrik is seeking a highly skilled and experienced Senior IAM Engineer to join our Identity & Access Management team, reporting directly to the Senior Manager. In this pivotal role, you will design, implement, and operate secure workforce identity services for Rubrik's RSC-G environment. You will own Okta& SailPoint administration in FedRAMP Moderate/High contexts, implement strong authentication and authorization controls (MFA, device trust, network zones), integrate SCIM and SSO for SaaS and GovCloud platforms, and partner with InfoSec, Network, CloudOps, and IAM Governance (SailPoint) to sustain compliance, availability, and audit readiness.The same responsibilities will be applicable to Okta Commercial Instance.

What you'll do:

  • Strategy & Architecture: Develop the overall IAM strategy, security frameworks, and architecture for enterprise-wide access control.
  • Cloud & Infrastructure: Design IAM solutions for cloud and on-premise environments, supporting access management, SSO, and identity federation.
  • Privileged Access Management (PAM): Implement and manage PAM solutions to control access to sensitive accounts and systems.
  • Identity Lifecycle Management: Automate processes for user provisioning, de-provisioning, and identity lifecycle management.
  • Policy & Governance: Develop IAM policies, standards, and automation frameworks to ensure compliance with industry best practices and regulations (e.g., NIST, GDPR).
  • Collaboration: Partner with engineering, operations, and business teams to ensure IAM solutions align with business needs.
  • Security & Compliance: Ensure the confidentiality, integrity, and availability of IAM systems and data while supporting audits and risk assessments.
  • Application Integration: Implementing and scaling identity protocols like SAML, OIDC, OAuth, and SCIM.
  • Security Configuration: Developing robust access controls (RBAC, ABAC) and enhancing security with MFA, Adaptive MFA, and Device Trust.
  • UAR & SOX: Leading User Access Reviews, contributing to audit evidence, and operationalizing logging and monitoring for compliance.
  • Automations: Automating identity workflows using Okta Workflows, APIs, and Terraform.
  • FedRAMP: Administering and enhancing Okta & SailPoint for FedRAMP environments and integrating with U.S. GovCloud services., This position carries special Security and Privacy Responsibilities for protecting the U.S. Federal Government's interests:
  • Know, acknowledge, and follow system-specific security policies and procedures;
  • Protect data and individual privacy per requirements and regulations;
  • Perform ongoing activities in compliance with service and contractual obligations;
  • Participate in role-based training, completing assignments on a timely basis;
  • Report security issues promptly, and aid investigation when needed;
  • Support controlled changes and vulnerability remediation activities; and
  • Work collaboratively with Information Security in designing, implementing, assessing or enhancing system-specific security and privacy controls.

Requirements

  • Experience: Minimum of 8 years of progressive experience in Identity and Access Management (IAM), with a strong emphasis on SailPoint Identity Security Cloud (ISC) or comparable enterprise-grade IAM platforms (e.g., Saviynt, OneLogin, Microsoft Entra ID, Oracle Identity Governance); and experience administering Okta in enterprise environments with hands-on ownership of SSO, SCIM provisioning, Okta Workflows, API automation, and policy management.
  • Platform Expertise : Deep, hands-on expertise with SailPoint Identity Security Cloud (ISC) architecture, including advanced knowledge of its features ( Dynamic access roles, Password management, Access certification, Account management, Automated provisioning, Compliance Control, Data access Governance, Reporting, Role management, Access request, Identity Analytics, Identity lifecycle management, Identity Governance, Access Management, Privileged access management (pam) ), the platform functionalities, connectors, and best practices.Proficiency with modern IAM platforms (e.g., Okta, Azure AD, SailPoint, CyberArk).
  • Protocols: Understanding of identity protocols such as SAML, OpenID Connect, and OAuth.
  • Cloud IAM Proficiency : Demonstrable experience implementing and managing IAM solutions within leading cloud environments such as AWS, Azure, or Google Cloud Platform.
  • SailPoint Virtual Appliances (VAs): Comprehensive understanding of SailPoint Virtual Appliance deployment, configuration, and advanced troubleshooting, including knowledge of underlying virtualization platforms, network security, and SailPoint's APIs, connectors, and integrations.
  • Automations: Skills in designing and implementing automated IAM workflows.
  • Security Knowledge: Profound understanding of Identity Governance, Privileged Access Management (PAM) principles, and Access Certification processes.
  • Risk & Compliance: Knowledge of regulatory requirements (e.g., SOX, HIPAA, GDPR) and how they apply to IAM., * Okta or SailPoint certifications (Professional, Administrator, Consultant, or Architect).
  • Hands-on experience with Okta Workflows, Access Requests, Identity Governance, and Okta ASA.
  • IGA/PAM experience (e.g., SailPoint, Saviynt, CyberArk).
  • Experience securing CIAM and customer-facing identity journeys.
  • Security engineering background with Zero Trust, secrets management, and policy-as-code practices.

Others:

  • Collaborate with an India-based team.
  • Demonstrate strong leadership qualities.
  • Possess a solid understanding of change management processes.

Benefits & conditions

The minimum and maximum base salaries for this role are posted below; additionally, the role is eligible for bonus potential, equity and benefits. The range displayed reflects the minimum and maximum target for new hire salaries for the role based on U.S. location. Within the range, the salary offered will be determined by work location and additional factors, including job-related skills, experience, and relevant education or training.

US (SF Bay Area, DC Metro, NYC, Seattle) Pay Range

$181,600-$272,400 USD

The minimum and maximum base salaries for this role are posted below; additionally, the role is eligible for bonus potential, equity and benefits. The range displayed reflects the minimum and maximum target for new hire salaries for the role based on U.S. location. Within the range, the salary offered will be determined by work location and additional factors, including job-related skills, experience, and relevant education or training.

US2 (all other US offices/remote) Pay Range

$163,400-$245,200 USD

Join Us in Securing and Accelerating the World's AI Transformation

Rubrik (RBRK), the Security and AI Operations Company, leads at the intersection of data protection, cyber resilience, and enterprise AI acceleration. Rubrik Security Cloud delivers complete cyber resilience by securing, monitoring, and recovering data, identities, and workloads across clouds. Rubrik Agent Cloud accelerates trusted AI agent deployments at scale by monitoring and auditing agentic actions, enforcing real-time guardrails, fine-tuning for accuracy and undoing agentic mistakes.

Linkedin (https://www.linkedin.com/company/rubrik-inc/mycompany/verification/) | X (formerly Twitter) (https://twitter.com/rubrikinc) | Instagram (https://www.instagram.com/rubrikinc/) | Rubrik.com

About the company

Rubrik Corp IT is constructed of 100% SaaS and 0% on-premises. The IT team caters to accelerated enhancement of business value and multiple day-to-day business processes through our varied SaaS applications like Salesforce.com , Oracle Netsuite, Workday, Snowflake, Etrade, jitterbit, Allocadia, etc. This team also delivers high-paced business outcomes with 100% system uptime backed by agile, nimble, simple, but cohesive Cloud architectures., At Rubrik, we are dedicated to fostering a culture where people from all backgrounds are valued, feel they belong, and believe they can succeed. Our commitment to inclusion is at the heart of our mission to secure the world's data. Our goal is to hire and promote the best talent, regardless of background. We continually review our hiring practices to ensure fairness and strive to create an environment where every employee has equal access to opportunities for growth and excellence. We believe in empowering everyone to bring their authentic selves to work and achieve their fullest potential. Our inclusion strategy focuses on three core areas of our business and culture: * Our Company: We are committed to building a merit-based organization that offers equal access to growth and success for all employees globally. Your potential is limitless here. * Our Culture: We strive to create an inclusive atmosphere where individuals from all backgrounds feel a strong sense of belonging, can thrive, and do their best work. Your contributions help us innovate and break boundaries. * Our Communities: We are dedicated to expanding our engagement with the communities we operate in, creating opportunities for underrepresented talent and driving greater innovation for our clients. Your impact extends beyond Rubrik, contributing to safer and stronger communities.

Apply for this position