Staff Security Engineer - Identity

Were seeking an experienced Staff Security Engineer with a strong passion for Identity and Access Management. In this role youll have the opportunity to shape and implement cuttingedge identity management strategies to protect access to all systems of Marqeta.

Join us in building a secure and frictionless Identity and Access management program where youll play a crucial part in:

• Building and growing the Identity Governance and Administration program
• Implementing Privileged Access Management in a Cloud First environment
• Architecting and designing a Certificate Lifecycle Management service

The ideal candidate will have a deep expertise across identity security disciplines along with good written and oral communication skills.

The Impact Youll Have:

• Develop and implement robust IAM strategies and architectures to meet organizations security compliance and operational needs.
• Contribute to the design implementation and maintenance of the Identity Security program including Identity Governance and Administration (IGA) Privileged Access Management (PAM) Access Management (AM) Secrets Management and Certificate Lifecycle Management.
• Integrate IAM systems with cloud applications SaaS and other IT services.
• Automate provisioning deprovisioning and other role management processes.
• Maintain systems for Single SignOn (SSO) MultiFactor Authentication (MFA) and password management
• Develop and manage processes to ensure leastprivilege and zerotrust access principles.
• Collaborate with senior leadership to evaluate and recommend IAM best practices into enterprise security strategies.
• Lead IAMrelated projects working closely with crossfunctional teams such as Technology DevOps and Security
• Mentor and provide technical guidance to junior engineers and team members
• Streamline IAM processes through automation and advanced technologies.
• Enforce IAM policies standards and controls to address IAMrelated threats and vulnerabilities
• Stay current with industry trends and emerging technologies to recommend enhancements.

Who You Are:

• A minimum of 8 years related experience with a Bachelors degree; or 5 years and a Masters degree; or a PhD with 3 years experience; or equivalent combination of related education and work experience.
• Proficiency in IAM tools (e.g. Okta CyberArk Ping Identity SailPoint)
• Strong knowledge of identity governance RBAC PAM and cloudbased IAM solutions.
• Knowledge of LADAP Active Directory (AD) and cloudbased directories
• Familiarity with compliance frameworks and standards (e.g. NIST SOC 2 PCI DSS).
• Exceptional problemsolving and project management skills.
• Experience in automating deploying and supporting largescale projects
• Experience with cloud environments (e.g. AWS Azure GCP) and Infrastructure as Code (IaC) tools such as Terraform or CloudFormation.
• Deep understanding of protocols such as SAML OAuth OpenID Connect and Kerberos.
• Strong communication and interpersonal skills to work effectively with stakeholders at all levels.
• Proficiency with scripting or programming languages (e.g. PowerShell Python) for automating IAM processes.
• Work with developers DevOps and IT teams to integrate Identity tools into existing workflows
• Troubleshoot Access related issues in a cloud environment and provide ongoing maintenance.

Nice to have

• Relevant certifications such as CISSP CISM or IAMspecific credentials (e.g. CIAM/CAMS CyberArk Certified Okta Certified Consultant).
• Experience with AWS technologies such as Lambda S3 DynamoDB RDS Aurora SNS SQS CloudTrail CloudWatch Code Pipeline AWS Developer Tools and IAM roles and permissions
• Experience with DevOps tools and practices including secrets management and CICD pipelines

Manager

• Chetan Jha

Recruiter for this role

• Kayla Osuna

Compensation and Benefits

Marqeta is a Flex First company which allows you to choose your best working environment whether that be from home or at a company office. To support Flex First we calibrate pay to a competitive value according to working location.

When determining salaries we consider several factors including but not limited to skills prior experience and work location. The newhire base salary range for this position reflected in CAD is:.

We also believe in recognizing the contributions of our people. Thats why we award annual bonuses to eligible employees rewarding both individual performance and the success of the entire company.

Along with monetary compensation Marqeta offers

• Multiple health insurance options
• Flexible time off take what you need
• Retirement savings program with company contribution
• Equity in a publiclytraded company
• Monthly stipend to support our remote work model
• Annual development dollars to support our people growth and development
• Familyforming benefits and up to 20 weeks of Parental Leave