Senior Staff Identity and Access Management Engineer

• Lead execution and adoption of modern authentication and authorization mechanisms (SAML, OIDC/OAUTH2)
• Engage peers and leaders at all levels
• Consistently share best practices and improve processes within and across teams
• Determine and support resource requirements, evaluate operational processes, measure outcomes to ensure desired results, and demonstrate adaptability and sponsoring continuous learning
• Own the complete project lifecycle for application integrations of both on-premises and SaaS applications with our IGA platform
• Collaborate with application team to implement tokenization solutions that reduce sensitive data exposure, thereby enhancing data security and minimizing the risk of unauthorized access
• Stay at the forefront of emerging identity trends, technologies, and best practices, and apply this knowledge to enhance GEICO’s data protection strategies
• Provide technical guidance and mentorship to the team, fostering a culture of innovation, collaboration, and continuous improvements
• Collaborate with cross-functional teams, including security, compliance, and application teams to ensure the seamless integration and alignment of solutions with organizational goals
• Build resilient and scalable architecture, driving innovation and cost efficiency

• 10+ years of professional experience in technology or identity engineering
• 8+ years of experience with security, identity, architecture, and design
• 4+ years of experience with open-source frameworks is desired
• 4+ years of experience with AWS, GCP, Azure, or another cloud service
• 1+ years of people management experience
• Bachelor’s degree in computer science, Information Systems, or equivalent education or work experience
• Experience building the architecture and design (architecture, design patterns, reliability, and scaling) of new and current systems
• Fluency in DevOps Concepts, Cloud Architecture, and the Software Development Lifecycle
• Experience in security protocols and products: Understanding of Active Directory, Kerberos, LDAP, SAML, OAuth, and OIDC
• Experience with continuous delivery and infrastructure as code
• Knowledge of developer tooling across the software development life cycle (task management, source code, building, deployment, operations, real-time communication)
• Experience with micro-services oriented architecture and extensible REST APIs
• In depth knowledge of Datacenter structure, capabilities, and offerings, including the Azure platform, and its native services including the Azure platform and its native services
• Fluency and specialization with at least one modern language such as Java, Go, or Python
• In depth expertise in cryptographic protocols, digital certificates, and encryption standards such as X.509, Transport Layer Security (TLS), and Advanced Encryption Standard (AES)
• Strong problem-solving abilities and a proactive approach to identifying and mitigating security risks and vulnerabilities
• Excellent communication skills, able to communicate complete technical concepts to technical and non-technical stakeholders

4+ years of experience with open-source frameworks is desired

• Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family’s overall well-being
• Financial benefits including market-competitive compensation
• a 401K savings plan vested from day one that offers a 6% match
• performance and recognition-based incentives
• and tuition assistance
• Access to additional benefits like mental healthcare as well as fertility and adoption assistance
• Supports flexibility- We provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year