Sr. Identity and Access Management (IAM) Engineer, Enterprise Identity Transformation (Remote)

Senior IAM Engineer

Employment Type: Full-time

Position Overview

CrowdStrike, a global leader in cybersecurity, is seeking an exceptional Senior IAM Engineer to design, implement, and maintain our core identity infrastructure. This role is crucial for ensuring secure and efficient access management across our rapidly growing organization. You will focus on Active Directory, Okta, and Multi-Factor Authentication (MFA), while supporting our Enterprise Identity Governance Framework. The ideal candidate possesses deep technical expertise, strong security knowledge, and excellent problem-solving abilities.

About CrowdStrike

As a global leader in cybersecurity, CrowdStrike protects the people, processes, and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe, and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation, and a fanatical commitment to our customers, our community, and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

Responsibilities

Solution Design & Implementation

• Help design, implement, and maintain IAM solutions, focusing on Active Directory, Okta, and Multi-Factor Authentication (MFA).
• Engineer identity infrastructure to support 12,000+ users and several applications.
• Develop and enforce security policies related to identity management and access control.
• Support scalable, secure identity solutions aligned with our Identity Spec 1.0 requirements.
• Implement advanced authentication mechanisms, including passwordless solutions.

Identity Lifecycle Management

• Manage user lifecycle, including onboarding, role changes, and off-boarding processes.
• Design and implement role-based access control (RBAC) solutions.
• Develop automated provisioning and de-provisioning workflows.
• Create efficient access request and approval processes.
• Implement access certification and review procedures.

Integration & Automation

• Integrate IAM systems with other enterprise applications and cloud services.
• Design, implement, and maintain Okta Workflows for process automation and integration.
• Develop custom integrations using APIs and scripting.
• Create automated monitoring and alerting solutions.
• Build self-service capabilities for common identity tasks.

Operational Excellence

• Troubleshoot complex IAM issues and provide escalation support.
• Participate in on-call rotation to provide 24/7 support for critical IAM systems.
• Create and maintain comprehensive documentation for IAM systems and processes.
• Develop and update detailed runbooks for operational procedures and disaster recovery.
• Conduct regular security audits and access reviews.

Requirements

• 8+ years of experience in IAM, with strong expertise in Active Directory and Okta.
• 5+ years of hands-on implementation of enterprise IAM solutions.
• Proven experience implementing and managing MFA solutions.
• Experience with PowerShell/Python; API Development; CI/CD Pipelines.
• Operational support ability – troubleshooting, escalation, maintaining documentation, and occasional rotational on-call support.
• In-depth knowledge of security policies/security management (policies, controls, audits, reviewing access), frameworks, and compliance requirements.
• Strong technical leadership background, as well as competencies in solutioning, systems implementation, integration, and process automation.

Bonus Points

• Relevant certifications (CISSP, CISM, Okta certification).
• Experience with SAML, OAuth, and OpenID Connect protocols.
• Familiarity with privileged access management (PAM) solutions.
• Experience using documentation management systems.