Engineering Manager, Access Management

About The Position

Requirements

• 4+ years managing security, identity, or infrastructure engineering teams with a proven track record of high impact
• Experience building or operating enterprise access management systems — identity providers, access request workflows, automated provisioning, or directory services
• Understanding of IAM concepts: RBAC, ABAC, least privilege, separation of duties, access certification, and privileged access management
• Ability to evaluate security tradeoffs and make risk-based decisions across complex cloud environments
• Strong cross-functional collaboration skills, balancing security requirements with developer experience and velocity
• Clear and persuasive communicator in both writing and verbal settings
• Passionate about building diverse, high-performing teams and growing engineers in a fast-paced environment
• Low ego and high empathy

Nice To Haves

• Experience delivering compliance-driven engineering projects (SOC 2, ISO 27001, ISO 42001, HIPAA) at a company undergoing rapid growth or regulatory maturation
• Familiarity with HRIS integrations for automated identity lifecycle management
• Experience implementing two-party control (dual approval) patterns for sensitive access
• Background in OAuth, OIDC, SAML, SCIM, or SPIFFE/SPIRE identity protocols
• Experience designing access management strategy for a company going through hypergrowth
• Understanding of common identity-based attack patterns — credential theft, lateral movement, privilege escalation — and how access controls mitigate them
• Experience with Google Workspace administration, GCP organization policies, or AWS IAM at scale

Responsibilities

• Lead, mentor, and grow a team of security engineers building access management infrastructure; you'll own hiring as the team scales
• Own the technical roadmap for our authorization engine, access-request platform, and related access control systems — making strategic decisions about what to build based on security risk and engineering velocity
• Drive least-privilege enforcement across public workloads, employees, SaaS applications, and internal tools, systematically identifying and eliminating over-provisioned access
• Evolve the RBAC model, automated provisioning, and the access-request platform end-to-end — request workflows, approval chains, HRIS sync, two-party controls, and integrations with downstream systems
• Contribute to the company's emerging agent access model — defining how AI agents are granted permissions and how those permissions are reviewed, so agents operate within the same least-privilege framework as human engineers
• Ensure access events are well-structured and queryable — building the data foundation that supports audit, access reviews, compliance reporting, and incident response
• Ensure the systems you build satisfy audit and regulatory requirements (SOC 2, ISO 27001, ISO 42001, HIPAA), partnering with GRC so compliance is a byproduct of good engineering rather than a separate workstream
• Partner across the organization with IT, GRC, People Operations, Security Engineering, Detection and Response, Research and Engineering teams to ensure access management serves the entire company while maintaining security foundations

Benefits

• competitive compensation and benefits
• optional equity donation matching
• generous vacation and parental leave
• flexible working hours
• a lovely office space in which to collaborate with colleagues