CrawlJobs Logo

Senior Staff Identity and Access Management Engineer

United States, Chevy Chase 120000.00 - 260000.00 USD / Year · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

GEICO is seeking an experienced Engineer with a passion for building high performance, minimal maintenance, zero-downtime platforms, and applications. You will help drive our insurance business transformation as we transition from a traditional IT model to a tech organization with engineering excellence as its mission. Our Senior Staff Engineer is a key member of the engineering staff, working across the organization to provide friction-less experience for our customers and maintain the highest standards of compliance, protection and availability. You will be part of a team that thrives and succeeds in delivering high quality technology products and services in a hyper-growth environment where priorities shift quickly. The ideal candidate has broad and deep technical knowledge of the Identity Directory Services and solutions that ensure secure authorization to GEICO’s data assets.

Job Responsibility

  • Lead execution and adoption of modern authentication and authorization mechanisms (SAML, OIDC/OAUTH2)
  • Engage peers and leaders at all levels
  • Consistently share best practices and improve processes within and across teams
  • Determine and support resource requirements, evaluate operational processes, measure outcomes to ensure desired results, and demonstrate adaptability and sponsoring continuous learning
  • Own the complete project lifecycle for application integrations of both on-premises and SaaS applications with our IGA platform
  • Collaborate with application team to implement tokenization solutions that reduce sensitive data exposure, thereby enhancing data security and minimizing the risk of unauthorized access
  • Stay at the forefront of emerging identity trends, technologies, and best practices, and apply this knowledge to enhance GEICO’s data protection strategies
  • Provide technical guidance and mentorship to the team, fostering a culture of innovation, collaboration, and continuous improvements
  • Collaborate with cross-functional teams, including security, compliance, and application teams to ensure the seamless integration and alignment of solutions with organizational goals
  • Build resilient and scalable architecture, driving innovation and cost efficiency

Requirements

  • 10+ years of professional experience in technology or identity engineering
  • 8+ years of experience with security, identity, architecture, and design
  • 4+ years of experience with open-source frameworks is desired
  • 4+ years of experience with AWS, GCP, Azure, or another cloud service
  • 1+ years of people management experience
  • Bachelor’s degree in computer science, Information Systems, or equivalent education or work experience
  • Experience building the architecture and design (architecture, design patterns, reliability, and scaling) of new and current systems
  • Fluency in DevOps Concepts, Cloud Architecture, and the Software Development Lifecycle
  • Experience in security protocols and products: Understanding of Active Directory, Kerberos, LDAP, SAML, OAuth, and OIDC
  • Experience with continuous delivery and infrastructure as code
  • Knowledge of developer tooling across the software development life cycle (task management, source code, building, deployment, operations, real-time communication)
  • Experience with micro-services oriented architecture and extensible REST APIs
  • In depth knowledge of Datacenter structure, capabilities, and offerings, including the Azure platform, and its native services including the Azure platform and its native services
  • Fluency and specialization with at least one modern language such as Java, Go, or Python
  • In depth expertise in cryptographic protocols, digital certificates, and encryption standards such as X.509, Transport Layer Security (TLS), and Advanced Encryption Standard (AES)
  • Strong problem-solving abilities and a proactive approach to identifying and mitigating security risks and vulnerabilities
  • Excellent communication skills, able to communicate complete technical concepts to technical and non-technical stakeholders

Nice to have

4+ years of experience with open-source frameworks is desired

What we offer

  • Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family’s overall well-being
  • Financial benefits including market-competitive compensation
  • a 401K savings plan vested from day one that offers a 6% match
  • performance and recognition-based incentives
  • and tuition assistance
  • Access to additional benefits like mental healthcare as well as fertility and adoption assistance
  • Supports flexibility- We provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior Staff Identity and Access Management Engineer

8 matching positions

Senior Director - Global Identity & Access Management

The Senior Director of Global Identity & Access Management is accountable for su...
Location
Location
United States , Houston
Salary
Salary:
Not provided
sysco.com Logo
Sysco
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15+ years of experience in Cybersecurity and or information risk management
  • 10+ years experience with Identity & Access Management
  • Experience establishing and maintaining budgets
  • Experience managing large, complex, global projects
  • Excellent communication skills, with an ability to tailor and engage communication across all levels of the organization
  • Background and familiarity with design and implementation of Single Sign On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM) controls and platforms
Job Responsibility
Job Responsibility
  • Develop and maintain the budget which operates the team
  • Manage and maintain Sysco’s IAM program and global team including IAM operations center, vendor relationships, and the necessary technology
  • Act as the lead on all major IAM incidents
  • Ensure 24x7 operations of IAM tools and processes
  • Assist initiatives related to security awareness and buy-in through IAM and enterprise operations, facilitating staff to support security operations within enterprise and across IAM services, coordination of business apps utilized across enterprise, and functions in the design of security controls relevant to Account provisioning/deprovisioning, Single Sign On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM) platforms, and Key Management
  • Support the operation of enterprise access management services provided by IT, including Single Sign On (SSO), Multi- Factor Authentication (MFA), and Privileged Access Management (PAM) platforms
  • Provide reporting to leadership regarding the status of security relevant IAM operational metrics and strategic initiatives
  • Coordinate Enterprise IAM initiatives with Cybersecurity initiatives
  • Provide feedback on Cybersecurity controls and Standards applying to the enterprise environment, in coordination with Security Architecture & Engineering, and the Cybersecurity Risk and Compliance Management functions
  • Oversee operation of security controls and processes within the IAM environment as designated by the CISO and in accordance with negotiated SLAs
  • Fulltime
Read More
Arrow Right

Staff Cybersecurity Engineer - PKI/Secrets Management

The Role: We’re looking for a senior, self-driven Cyber Security Engineer to ow...
Location
Location
United States , Austin; Warren
Salary
Salary:
Not provided
gm.com Logo
General Motors
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Mathematics, Physics, or equivalent senior-level industry experience
  • 7+ years experience in enterprise security engineering or Site Reliability Engineering (SRE), with direct responsibility for high-availability security or cryptographic services
  • 7+ years experience with enterprise secrets management platforms (e.g., HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, BeyondTrust), including architecture, operations, and integration at scale
  • Strong understanding of public-key cryptography, PKI, and modern cryptographic protocols, with the ability to make pragmatic, risk-informed design decisions
  • Demonstrated experience designing, operating, and evolving production PKI systems (root and issuing CAs, CRL/OCSP, certificate lifecycle, and policy governance)
  • Proficiency with infrastructure-as-code (e.g., Terraform) and engineering practices that enable repeatable, auditable, and secure deployments
  • Working knowledge of major cloud platforms (AWS, GCP, Azure) and how to integrate PKI and secrets management with cloud-native services
  • Experience with containerization, orchestration (e.g., Kubernetes), and CI/CD workflows, including secure delivery patterns and secrets handling
  • Excellent communication skills, with a track record of presenting complex technical concepts, trade-offs, and recommendations to engineering and executive audiences
  • Strong threat modeling and security architecture skills, with the ability to anticipate abuse cases and design for resilience
Job Responsibility
Job Responsibility
  • Setting the technical vision and architecting, implementing, and operating scalable, highly available PKI and secrets management services for the enterprise
  • Owning design decisions that shape internal trust models, cryptographic architectures, and access patterns for the most sensitive data and systems
  • Defining, implementing, and continuously improving policies, processes, and controls for the full lifecycle of keys, certificates, and secrets across diverse platforms
  • Influencing and aligning engineering, infrastructure, and leadership teams to deliver robust, observable, and compliant cryptographic systems
  • Mentoring and developing engineers, raising the bar for technical excellence, and driving consistent best practices for cryptographic and secrets management across the organization
  • Advising senior leadership on long-term security architecture strategy, trade-offs, and investment priorities related to identity, PKI, and secrets management
  • Providing operational leadership, including participation in on-call rotations for global, mission-critical services and driving post-incident improvements
  • Leading HSM strategy, including architecture, platform selection, appliance consolidation, and multi-year roadmap planning in alignment with enterprise security and compliance goals
  • Fulltime
Read More
Arrow Right

Unix - Senior Cloud - Digital Engineering Sr. Staff Engineer

Location
Location
India , Noida
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Should have a minimum of 8 to 10 years of experience as a Linux/Unix System Administrator. Should have expertise on at least 2 flavors of Unix. Linux is a must!
  • Should have a deep level of understanding of Linux OS & should be able to handle day to day admin tasks.
  • Should be well versed shell scripting.
  • Expert in Unix-Linux, AWS Cloud Administration, OS/server administration, patching, maintenance, and troubleshooting.
  • Proficient in operating and troubleshooting AWS services like EC2, networking, RDS, backups, storage (EBS, EFS, S3, Glacier), and security (Well-Architected framework).
  • Possesses a strong understanding of networking concepts for configuring secure VPCs, subnets, landing zones, ACLs, and security groups.
  • Experience in end-to-end cloud migrations, including strategy, assessment, design, architecture, and execution on AWS.
  • Skilled in identifying and migrating suitable applications and workloads, gathering migration requirements, and collaborating with stakeholders.
  • Good knowledge of various AWS services like Lambda, SNS, SQS, DynamoDB, OpenSearch, Transfer Family, CloudWatch, EC2, EFS, EKS, Step Functions, ELB, ACM, Directory Services, and networking.
  • Hands-on expertise in designing, architecting, deploying, and supporting hybrid cloud environments.
Job Responsibility
Job Responsibility
  • Perform installation, customization and maintenance of the UNIX-LINUX Server operating system and system software products in support of business processing requirements for both On-premise and Cloud environment
  • Evaluate and integrate new operating system versions, drivers and hardware.
  • Provides in-depth diagnosis for operating systems software/hardware failures and develops solutions.
  • Monitors and tunes the system to achieve optimum performance levels in standalone and multi-tiered environments.
  • Conducts system analysis, configuration management and develops improvements for system software performance, availability and reliability.
  • Implements appropriate levels of system security. Maintain security patching and remediating vulnerabilities, propose solutions for the same.
  • Perform incident resolution, problem determination and root cause analysis in accordance with service level. Knowledge of ITIL.
  • Recommend and implement modifications to the server environment, Innovation, Ideas to improve
  • Preparation of Standard Documents and periodically review them for modifications
  • Identifies opportunities for process and procedure enhancements to drive efficiency and customer service levels.
  • Fulltime
Read More
Arrow Right

Senior Engineer - IT Support

At 8x8, we’re not just building great communications technology - we’re reimagin...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
8x8
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a related field
  • Must possess relevant experience in IT Support or IT Operations roles
  • Demonstrated enthusiasm for AI tools and a habit of applying them to real work - not just awareness of them
  • A mindset of curiosity: you read about what's changing in IT and AI, and you experiment
  • The ability to work and think independently, be a self-starter, take initiative, and be highly effective with or without detailed work direction is an absolute must
  • Must be able to work non-traditional work hours as needed (including from home over high-speed Internet (not provided)), and occasional off hours to control interruptions to critical services and minimize business impact
  • Ability to work in-person at the 8x8 Singapore location full-time (5 days per week) with flexibility to cover any of the 7 days of the week (1 George St, #22-03/04 One George Street, Singapore 049145)
  • Ability to (potentially frequently) lift and move equipment weighing throughout the office for various business needs
  • The person in this position needs to occasionally move about inside the office to access and deploy IT equipment to multiple office floors, and within various physical conditions and environments
Job Responsibility
Job Responsibility
  • Actively use AI tools (including 8x8's approved platforms: Airia, Google Gemini, Claude) to accelerate your own work - from drafting documentation to triaging incidents and analyzing patterns
  • Identify and implement AI-driven workflow automation opportunities across IT operations processes
  • Contribute ideas and build lightweight automations using tools like n8n, BetterCloud, and AI-native integrations to reduce manual toil
  • Advocate for AI-assisted approaches within the team, sharing what works and helping colleagues build their own AI fluency
  • Support PCs and Macs, managing laptop builds and lifecycle processes
  • Own, administer, and continuously improve our endpoint security platform stack - including MDM (mobile device management), BYOD/Work Application Isolation, DLP (data loss prevention), Data Containment, and Zero Trust access controls - serving as the team's primary SME across these domains
  • Support user onboarding/offboarding and productivity tooling, leveraging automation where possible
  • Staff our end-user IT Support walk-up desk - real-time triage, assistance, and issue remediation
  • Act as the primary platform owner for MDM - evaluating, deploying, and administering mobile device management tooling for both corporate-owned and BYOD endpoints across Windows, macOS, iOS, and Android
  • Own and operate BYOD and Work Application Isolation platforms (e.g. Venn Blue Border, Ivanti/MobileIron), defining policy, onboarding workflows, and data containment boundaries to enable secure access from unmanaged personal devices
  • Fulltime
Read More
Arrow Right

Senior Staff Architect - Digital Workplace

The Digital Workplace Team at American Express is entering into a new phase of t...
Location
Location
United States , New York
Salary
Salary:
144250.00 - 256250.00 USD / Year
americanexpress.com Logo
Amex
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A passion for End User Computing and employee-facing technology
  • Extensive, recent experience with all aspects of managing 25k+ Windows devices, including (but not limited to) MECM, SCCM, MSUS and Intune
  • Hands-on experience with least two of the following at enterprise scale: Managing Macs with JAMF
  • Mobile Device Management with Intune or VMWare
  • VDI with VMWare or Citrix
  • Senior engineering responsibility for a transformation to Modern Management / UEM
  • Experience with endpoint security products including Symantec DLP, Crowdstrike and Tanium
  • Experience with identity and access management tools including Azure AD and Okta
  • Exposure to digital experience monitoring tools like Nexthink, or ThousandEyes
  • Experience growing and nurturing engineering talent
Job Responsibility
Job Responsibility
  • Develop enterprise architecture and technology roadmap for the Digital workplace portfolio of platforms and technologies
  • Actively participate in team and organization-wide architecture and engineering discussions
  • Perform rapid POCs to experiment and build rails for the engineering / product teams
  • Support engineers and project managers in rapid development and deployment
  • Introduce enterprise architectural paradigms and solutions into the portfolio
  • Communicate to senior leaders regarding strategy direction and changes
  • Mentor engineers and solution architects to ensure technology complexities are understood very clearly to implement solutions expeditiously with high quality
What we offer
What we offer
  • Competitive base salaries
  • Bonus incentives
  • 6% Company Match on retirement savings plan
  • Free financial coaching and financial well-being support
  • Comprehensive medical, dental, vision, life insurance, and disability benefits
  • Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
  • 20+ weeks paid parental leave for all parents, regardless of gender, offered for pregnancy, adoption or surrogacy
  • Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
  • Free and confidential counseling support through our Healthy Minds program
  • Career development and training opportunities
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

As a Senior Corporate Security Engineer, you will lead the design and operation ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
deliveroo.co.uk Logo
DELIVER
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience
  • 5+ years’ experience in Security Engineering, Corporate Security, Detection & Response, or a related field
  • Hands-on experience administering IAM platforms (e.g. Okta, GoogleWorkspace)
  • Deep hands-on experience with GoogleWorkspace products
  • Practical hands-on experience with Cloud platforms (e.g AWS, GCP)
  • Relevant and practical experience with Infrastructure-as-code (e.g Terraform)
  • Experience implementing modern authentication standards (FIDO2, WebAuthn, SAML, OAuth 2.0, OpenID Connect)
  • Practical experience securing macOS, Windows and Linux endpoints using MDM and EDR/XDR tooling
  • Experience operating SIEM and/or SOAR platforms and tuning detection logic
  • Experience with vulnerability management and patch governance
Job Responsibility
Job Responsibility
  • Architecture & Control Implementation: Design, deploy, and maintain core corporate security controls, including phishing-resistant MFA, Just-In-Time (JIT) access, strict role-based access control (RBAC), zero-trust architectures, device and identity bound proofing and modern network isolation
  • Tooling Ownership: Serve as the technical owner for a broad suite of corporate security systems, managing deployments, configurations, and API integrations for tools across the corporate environment
  • Technical Leadership: Lead and implement the technical strategy for Endpoint Device trust, Data Loss Prevention, Intellectual property storage, and SaaS application security, alongside wider corporate security technical controls
  • Automation & Engineering: Write scripts and build tools to automate security workflows, incident response tasks, and audit evidence collection for compliance
  • Cross-Functional Collaboration: Work with IT and business operations to integrate security tools into everyday workflows, and guide non-security teams to adopt secure baselines (e.g., CIS Benchmarks) as standard practice
  • Mentorship: Mentor junior and mid-level engineers, explain technical concepts clearly to non-technical staff, and help improve the team's engineering standards
What we offer
What we offer
  • Competitive and comprehensive compensation and benefits package
  • Up to 5% matched pension contributions
  • Eligibility for share awards
  • Free Deliveroo Plus
  • Team lunches from the best local restaurants
  • 25 days annual leave plus bank holidays, increasing with length of time spent working at Deliveroo
  • One day of paid leave per year to volunteer with a registered charity
  • Funded single cover healthcare on our core plan, with the option to add family members at own cost
  • On-site gym (HQ), discounted external gym membership
  • Access to wellbeing apps such as LesMills+, Strava, Headspace, Yogaia via GymPass
  • Fulltime
Read More
Arrow Right

Software Engineer, Backend_Identity & User Security

Become an integral part of our Identity& User Security team, where you will play...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
airwallex.com Logo
Airwallex
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree or higher in Computer Science, Engineering, Information Technology, or a related field
  • Strong proficiency in modern programming languages such as Java, Kotlin, Go, or Python
  • Deep understanding of Identity and Access Management (IAM) concepts (Authentication, Authorization, SSO, MFA)
  • Experience with cloud platforms (AWS, GCP, or Azure) and containerization technologies (Docker, Kubernetes)
  • Solid knowledge of relational and non-relational databases (e.g., PostgreSQL, Cassandra, Redis)
  • For Staff level: around 10 years or at least 8 years experience
  • For Senior software engineers: around 6 years or at least 5 years engineering experience
  • For SDE2 engineers: over 3 years or at least 2 years engineering experience
Job Responsibility
Job Responsibility
  • Define the long-term technical vision and architectural strategy for Airwallex’s Identity (IAM) and account infrastructure domains
  • Partner closely with Product Managers and Engineering Directors to translate business goals into a concrete technical roadmap
  • Act as the technical bridge between Engineering, Legal, Compliance, and Security teams to ensure our technical roadmap aligns with global regulatory changes
  • Design, develop, and maintain high-availability (HA) IAM products and account infrastructure using Java/Kotlin and cloud-native technologies
  • Implement industry-standard security protocols (e.g., OAuth2, OIDC, SAML) to safeguard business data and ensure compliance with global financial regulations
  • Architect and optimize scalable infrastructure solutions to support high transaction volumes and ensure system reliability
  • Champion engineering excellence by conducting code reviews, writing automated tests, and establishing best practices for performance and security
  • Mentor junior and senior engineers through code reviews, design docs, and career guidance
  • Establish and enforce standards for code quality, security, and system reliability
  • Fulltime
Read More
Arrow Right

Staff Technical Support Engineer, Focused Services, NGFW

As a designated customer advocate under Focused Services, you will work firsthan...
Location
Location
United States , Plano
Salary
Salary:
117000.00 - 189200.00 USD / Year
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of progressive, advanced experience in network operations, infrastructure engineering, or enterprise cybersecurity support
  • Education: Bachelor’s or Master's degree in Computer Science, Information Technology, Computer Architecture, or equivalent practical/military experience
  • Mastery-Level Network Analysis: Comprehensive, authoritative knowledge of multi-vendor networking fabrics, complex routing architectures (e.g., advanced BGP topologies, OSPF, EIGRP), packet-level micro-flows, and deep OSI-layer fault isolation
  • Enterprise Security Architecture: Expert-level mastery of Next-Generation Firewalls (NGFW), Cloud Security Access Brokers (CASB), SASE architectures, Zero Trust network access (ZTNA), and advanced cryptographic tunneling protocols (IPsec, SSL/TLS)
  • Identity & Modern Authentication Frameworks: In-depth technical proficiency with cloud-forward identity provider systems (IdP) and single sign-on (SSO) frameworks using advanced authentication protocols (e.g., SAML 2.0, OIDC, OAuth, along with standard RADIUS, TACACS+, and LDAP setups)
  • Systemic Project & Time Optimization: Demonstrated success in leading cross-functional initiatives, balancing strategic architectural engineering projects alongside high-priority customer commitments
Job Responsibility
Job Responsibility
  • Acutest Escalation Tier: Serve as the ultimate internal escalation point for the most complex, multi-layered, and critical technical emergencies globally, taking definitive technical ownership to resolve structural network security crises
  • Product Serviceability & Engineering Interface: Partner directly with Development, QA, and Product Management to identify systemic software defects, steer product feature roadmaps based on support data, and design proactive architectural solutions that minimize support overhead
  • Innovation & Support Automation: Pioneer advanced automated diagnostics, custom log parsing scripts, and predictive troubleshooting playbooks
  • Strategic Knowledge & Thought Leadership: Establish industry-leading documentation standards
  • author comprehensive, high-impact Technical Support Bulletins, advanced architecture whitepapers, and authoritative root-cause analysis documents for broad internal and external consumption
  • Global Talent Enablement: Design, build, and deliver technical onboarding curriculums and advanced training frameworks
  • Actively mentor Senior and Core Support Engineers, conduct technical candidate screenings, and calibrate technical standards across global support theaters
  • Executive Advocacy: Act as a critical technical voice in Quarterly Business Reviews (QBRs) and high-stakes executive interactions, translating intricate, cross-vendor engineering issues into precise, business-impact terms for C-level stakeholders
  • Fulltime
Read More
Arrow Right