IAM Security Engineer at Markforged
As a Security Engineer on the Technology Operations team at Markforged, you will be a strong and independent team member passionate about securing IT environments. You have demonstrable experience securing cloud-first, SaaS-first startups, implementing security Identity & Access Management systems, building actionable alerting, and evangelizing security best practices to users. In this role you will also be a part of Markforged’s cross-functional security team spanning IT security, risk and compliance, and application security.
The goal of the Technology Operations team is to provide effective technologies and quality services that seamlessly integrate into the daily workflows of Markforged employees to safeguard information, enhance productivity, and scale in a cost-effective manner. We do this by listening to the needs of employees and maximizing the potential of the tools we offer. You will have a superb opportunity to implement and maintain secure highly effective, reliable, and innovative technologies.
- Configure and deploy JumpCloud for various target systems
- Hands-on with aggregation, workflows, tasks, rules, and roles within JumpCloud
- Strong understanding of role-based access control, separation of duties, and access approvals
- Build and maintain a privileged access inventory and privileged access management strategy
- Integrate JumpCloud with in-house applications, third-party applications, and SaaS applications for provisioning, identity authentication, and developing connectors between JumpCloud and system resources
- Build and develop systems and processes to enforce least privilege in a transparent way
- Work across functions to improve IAM solutions to enhance compliance requirements and best practices
- Work with relevant compliance teams to research and translate global regulatory requirements pertaining to access management and identity governance into technical solutions
- Lead emerging trend research, orchestrate product evaluations, and select the latest industry standards and tools
- Conduct POCs of new Access Management products and services to validate integration needs
- Manage all aspects of large, cross functional, globally distributed, and complex projects
- Creating system level diagrams for custom electronics/systems
- Ability to interface with multiple engineering disciplines
Although we list out what we generally look for, we are very likely missing other attributes and skills that you have that could make you a great fit, but are not currently listed. Research has shown this especially applies to women and other marginalized groups, who tend to apply if they check 100% of every box, versus men who apply if they hit roughly 60%. The point we’re getting at, it doesn’t hurt to take a chance and apply!
- At least 4 years of experience with IDP tools (ideally JumpCloud)
- Knowledge of IAM/IDP installation and deployment.
- Experience with SOX, SOC2, And/or FedRAMP reporting at a public company is ideal.
- 3+ years experience with domain knowledge on the following areas of IAG:
- User Lifecycle Management, Provisioning and Reconciliation
- Auditing, Reporting and user activity Monitoring
- Access Certification
- Segregation Of Duties
- Extensive experience with application design, integration and deployment in an integrated global IT environment
- Experience with cloud infrastructure platforms like AWS/Azure/GCP etc.
- Proficiency in field network topology, both theory and practical applications
- Hands-on information security experience in large enterprise environments.
- Ability to manage project constraints time, cost and quality
- Ability to collaborate across many participating teams.