Senior Identity Access Management Engineer

About The Position

Requirements

• 8+ years of hands-on experience with identity and access management and automating cloud technologies, particularly within the Microsoft ecosystem.
• Strong analytical skills and attention to detail, with the ability to troubleshoot complex infrastructure and identity-related issues.
• Excellent communication skills, with the ability to clearly explain technical concepts to both technical and non-technical stakeholders.
• Deep experience with Microsoft Entra ID, including Conditional Access, Identity Governance, and Privileged Identity Management.
• Familiarity with Microsoft 365 services: Exchange Online, Defender, Purview, Sentinel, Intune, and related platforms.
• Automation and scripting skills using PowerShell, Azure CLI, and Microsoft Graph API; working knowledge of Azure services such as Function Apps and Logic Apps.
• Experience in onboarding and managing enterprise applications in Azure Entra ID.
• Advanced knowledge of Azure Single Sign-On (SSO) login methods, including OAuth2, OpenID Connect, and SAML, and their integration with enterprise applications.
• Strong understanding of multi-factor authentication and FIDO2.
• Familiarity with IT security frameworks and compliance standards.
• Knowledge of logging, monitoring, and alerting practices for identity and access events.
• Basic understanding of email security and DNS.
• Experience with backup and recovery strategies for identity-related services.
• Understanding of Zero Trust Architecture principles.
• Familiarity with Jira and Confluence.
• B.S. in Computer Science, Information Technology, Engineering, or equivalent experience.

Responsibilities

• Lead enterprise-wide IAM standardization, including identity lifecycle, access governance, and policy enforcement across global regions.
• Drive automation across IAM to streamline administration and deliver a smoother user experience.
• Support enterprise applications onboarding into Azure Entra ID, including SSO, Conditional Access, and role-based access control (RBAC).
• Enhance privileged access management and implement scalable monitoring, alerting, and auditability solutions to support a secure, geographically distributed workforce.
• Collaborate with IT, Networking, and Security teams to troubleshoot identity-related issues and support global infrastructure initiatives.

Benefits

• Roku is committed to offering a diverse range of benefits as part of our compensation package to support our employees and their families.
• Our comprehensive benefits include global access to mental health and financial wellness support and resources.
• Local benefits include statutory and voluntary benefits which may include healthcare (medical, dental, and vision), life, accident, disability, commuter, and retirement options (401(k)/pension).
• Our employees can take time off work for vacation and other personal reasons to balance their evolving work and life needs.
• It's important to note that not every benefit is available in all locations or for every role. For details specific to your location, please consult with your recruiter.