Sr. Application Security IAM Engineer

Mark43 is approved to hire in Canada the UK and 45 U.S. states including Arizona California (excluding San Francisco) Colorado Connecticut Washington D.C. Florida Georgia Iowa Idaho Illinois Indiana Kansas Massachusetts Maryland Maine Michigan Minnesota Missouri North Carolina Nebraska New Hampshire New Jersey New Mexico New York Ohio Oklahoma Oregon Pennsylvania South Carolina Tennessee Texas Utah Virginia Vermont Washington Wisconsin and West Virginia. Before applying to a remote role please ensure that you are able toperform the positionin one of the states listed above. State locations and specifics are subject to change as our hiring requirements shift.Applicants must be authorized to work for any employer in the country in which the role is being hired. We are unable to sponsor or take over sponsorship of an employment visa at this time.

Mark43s mission is to empower communities and their governments with new technologies that improve the safety and quality of life for all. We build powerful scalable and elegant software that sets a new standard for the tools upon which our first responders rely. Our users are diverse and we are therefore committed to embracing diversity of thought and experience within our team. Were seeking an experienced and innovative Senior IAM Security Engineer to own build and operate the critical infrastructure that secures our platform and customer data. As a senior member of the Mark43 Security team you will be responsible for our identity and access management ecosystem from architecture to implementation. Youll contribute to building robust scalable and secure solutions to unique challenges at the intersection of public safety and cloud technology. As an engineer at Mark43 youll have the freedom to design and implement your own solutions driving our zero-trust strategy forward and having a meaningful impact on our security posture.

What Youll Do

If you were a part of our team here are some things you would have done last week:

• Spent time working with a Product Manager to understand requirements for a new identity feature.
• Designed built and maintained our core IAM services and infrastructure using languages like Java Typescript or Java.
• Implemented and managed authentication and authorization solutions using protocols like OIDC OAuth2 and SAML.
• Developed and supported integrations for Single Sign-On (SSO) multi-factor authentication (MFA) with technologies like Yubikey and automated user lifecycle management (SCIM).
• Administered and enhanced our Azure EntraID and B2C environments to meet security and scalability needs.
• Contributed to our zero-trust architecture using tools like OpenZiti or other modern secure access solutions.
• Reviewed code submitted by other engineers and submitted your own code for review as part of our secure software development/deployment process.
• Written clear concise technical documentation to accompany your code that your teammates will trust.
• Nurtured an engineering culture that cares deeply about security and the quality of the code we write while still working quickly to bring our technology to as many customers as possible.
• Participated in an on-call.

What Youll Need:

We are seeking engineers with at least 3 years of professional experience in Identity and Access Management and software engineering. You should be comfortable utilizing agile development methodologies and have a passion for building secure reliable systems. Our codebase is large and complex so we expect you to write clear concise code and intuitive documentation to help other engineers understand your contributions.

• Deep understanding of authentication and authorization concepts and protocols (SSO MFA SCIM OIDC OAuth2).
• Hands-on experience with cloud identity providers preferably Azure EntraID and/or B2C.
• Proficiency in at least one language such as Java Typescript Go Python etc.
• Experience with securing CI/CD pipelines infrastructure-as-code and container orchestration (e.g. Kubernetes).
• Experience with FedRAMP or other NIST 800-53 based compliance frameworks is a plus.
• Experience in maximizing efficiency with the help of GenAI-infused tooling.
• Familiarity with AWS services andsecuringcloud environments.
• Knowledge of or prior experience with zero-trust networking principles and tools (e.g. OpenZiti ngrok) is a strong plus.
• Commitment to providing support for other members of the team and developing cooperative working relationships.
• Leaning in to contribute to the company outside your role - our engineers have written blog posts attended events and helped grow our team.

People who thrive on our team also tend to share the following characteristics:

• Humble open and curious.You recognize that no one is perfect and you will be wrong and youre excited about listening and learning being a big part of your job.
• Attentive active listeners.Youre interested in what others have to say and illustrate your interest with your actions.
• You do not shy away from challenging work and you proactively help your team solve problems.
• Enthusiastic collaborators.You understand that the best outcomes are achieved through shared ownership and seek to spread knowledge and expand participation rather than restrict it.
• Comfortable with uncertainty.You know that sometimes problems and situations cant be simplified or fully understood and are at ease working within this type of haziness.
• Passionate about personal growth.You view mistakes as opportunities for learning and want to grow as a designer colleague and person.
• Eager to help others.You look for ways to provide support for more junior members of the team and develop cooperative working relationships.

We feel passionately about equal pay for equal work and transparency in compensation is one vehicle to achieve that. Total compensation for this role is market competitive including atarget baseannualsalary range of $110000 - $135000 plus bonus opportunity company stock options and a full benefits package includinghealth insurance paid time off anda 401k plan.Our Privacy Notice describes how Mark43 uses and protects the personal information of prospective employees during the recruitment process. It informs you about our handling of the personal information you provide to us when you apply for a position in our organization and in general when you express your interest in joining our team. As a part of Mark43s security measures all employees must: Engage in appropriate use of the companys electronic information resources; Become knowledgeable about and follow relevant security policies and guidelines; Protect the resources under their control such as passwords computers and data that they create receive or download; and Promptly report security-related incidents and violations and responding to official reports of security incidents involving their systems or 43 is committed to the full inclusion of all qualified individuals. All qualified applicants will receive consideration for employment without regard to race color religion sex disability age sexual orientation gender identity national origin veteran status or genetic information. As part of this commitment we will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed please email requesting the accommodation.

Required Experience:

Senior IC