whoop
Security Engineer, IAM
At a Glance
- Location
- Boston, Massachusetts, United States
- Work Regime
- onsite
- Experience
- 3+ years
- Compensation
- or this full-time position is $130,000 - $170,000. Salary ranges are determined
- Posted
- 2026-03-12T16:07:17.157000+00:00
Key Requirements
Required Skills
Certifications
- CISM
- CISSP
Domain Knowledge
- Cybersecurity
- Engineering
Requirements
3+ years of experience in IAM engineering or identity architecture
Hands-on experience with enterprise identity providers such as Okta, Azure AD, or similar enterprise IAM platforms
Strong understanding of modern authentication and authorization protocols, including SAML, OAuth 2.0, OIDC, SCIM, and JWT
Experience designing and implementing RBAC and/or ABAC models in cloud-native environments
Strong knowledge of AWS IAM, cross-account access models, and cloud identity federation
Experience securing APIs, service accounts, machine identities, and CI/CD authentication workflows
Responsibilities
Implement authentication and authorization controls across SaaS platforms, cloud infrastructure, and internal applications
Configure and maintain SSO, MFA, conditional access policies, and federation integrations
Assist with the evolution of single sign-on (SSO), multi-factor authentication (MFA), conditional access, and zero trust access models
Assist in design and enforce role-based and attribute-based access control models (RBAC/ABAC) across cloud and SaaS systems
Validate identity provider integrations, including application onboarding and SCIM provisioning
Partner with Engineering to secure application authentication flows, API access, service-to-service authentication, and token management