Senior Security Engineer Cloud Identity

Were seeking an experienced Senior Security Engineer with a strong passion for Identity and Access Management(IAM) and proven expertise in cloud-native environments particularly AWS. In this role youll help shape and implement modern identity strategies to secure access across all of Marqetas systems and services100% cloud-based with no data center footprint.

Join us in building a secure scalable and frictionless IAM program where youll play a crucial part in:

• Building and evolving our Identity Governance and Administration (IGA) capabilities.
• Implementing & Operating Privileged Access Management (PAM) in a cloud-first (AWS-focused) environment.
• Designing and architecting a Certificate Lifecycle Management solution that supports cloud-native workloads.
• Driving integration of IAM across AWS services SaaS platforms and developer/DevOps pipelines.
• Designing identity and access controls to protect AI/ML systemsensuring secure access to training data models and inference APIs.

The Impact Youll Have

• Develop and lead implementation of robust IAM strategies aligned with cloud-native architecture and security principles.
• Expand and operationalize the IAM program across IGA PAM SSO MFA access management secrets management and certificate lifecycle.
• Automate identity provisioning de-provisioning and access reviews using AI tools and infrastructure-as-code.
• Design IAM integrations for AWS-native services (Lambda EC2 S3 IAM etc.) SaaS platforms and third-party identity tools (e.g. Okta CyberArk).
• Promote and enforce least privilege and zero-trust principles through scalable access controls and policy automation.
• Mentor junior engineers and serve as a technical lead for IAM-related projects.
• Collaborate with Security DevOps and Infrastructure teams to embed IAM controls across the engineering lifecycle.
• Stay ahead of emerging trends and continuously refine IAM strategy based on evolving cloud threats and compliance requirements.

Who You Are

• A minimum of 8 years related experience with a Bachelors degree; or 5 years and a Masters degree; or a PhD with 3 years experience; or equivalent combination of related education and work experience.
• Strong experience with IAM tools (e.g. Okta CyberArk Ping SailPoint).
• Deep knowledge of IAM in cloud-native environments especially AWS IAM roles policies permissions boundaries and federation.
• Proficiency in infrastructure-as-code (e.g. Terraform CloudFormation).
• Familiarity with authentication and authorization protocols (SAML OAuth2 OpenID Connect Kerberos).
• Strong grasp of directory services like Active Directory LDAP and cloud-based alternatives.
• Hands-on skills in scripting (e.g. Python PowerShell) to automate IAM operations.
• Solid understanding of compliance standards: NIST SOC 2 PCI DSS etc.
• Proven experience integrating IAM into CI/CD pipelines secrets management and DevOps workflows.
• Excellent communication skills and ability to influence and lead cross-functional teams.

Nice to have

• Relevant certifications such as CISSP CISM or IAM-specific credentials (e.g. CIAM/CAMS CyberArk Certified Okta Certified Consultant).
• Experience with AWS technologies such as Lambda S3 DynamoDB RDS Aurora SNS SQS CloudTrail CloudWatch Code Pipeline AWS Developer Tools and IAM roles and permissions
• Experience with DevOps tools and practices including secrets management and CICD pipelines

Manager

• Sandeep Chotwani

Recruiter for this role

• Kayla Osuna

Compensation and Benefits

Marqeta is a Flex First company which allows you to choose your best working environment whether that be from home or at a company office. To support Flex First we calibrate pay to a competitive value according to working location.

When determining salaries we consider several factors including but not limited to skills prior experience and work location. The new-hire base salary range for this position reflected in CAD is: 136800 - 171000

We also believe in recognizing the contributions of our people. Thats why we award annual bonuses to eligible employees rewarding both individual performance and the success of the entire company.

Along with monetary compensation Marqeta offers

• Multiple health insurance options
• Flexible vacation time
• Retirement savings program with company contribution
• Equity in a publicly-traded company
• Monthly stipend to support our remote work model
• Annual development dollars to support our people growth and development
• Family-forming benefits and up to 20 weeks of Parental Leave