Staff Security Engineer

JOB DESCRIPTION

Summary
The Application and Security Engineering team is looking for a Staff Security Engineer to focus on identity and access management and build and maintain world-class defensive controls to protect the systems we use to build our advanced defense technology products.

Responsibilities

• Build an identity engine that powers the whole company and supercharges our security program
• Create applications that enable and enforce our identity framework across the company
• Develop integrations that unify identities across IdPs, cloud providers, SaaS tools, and internal systems
• Automate identity lifecycle operations, including provisioning, access reviews, and offboarding
• Collaborate with other IAM engineers and partner teams to define architecture and ship iteratively

Required Qualifications

• Strong programming ability in one or more general-purpose languages (Go, Rust, etc.)
• Experience with one or more infrastructure-as-code languages (e.g., Terraform, AWS CDK) in a production capacity
• Experience with identity protocols (SAML, OIDC, SCIM, OAuth) or identity providers (Okta, Azure AD, etc.)
• Proven ability to translate system design requirements into clean, maintainable implementations
• Experience leading or contributing to architecture and design reviews
• Experience working with cloud platforms and deploying applications through CI/CD pipelines
• Ability to work autonomously, take ownership of projects, and collaborate across teams
• Eligible to obtain and maintain a U.S. TS clearance
• Experience working in environments with complex identity or access issues, including troubleshooting across distributed systems is preferred
• Familiarity with RBAC, ABAC, or policy-as-code frameworks (e.g., OPA, Cedar)- preferred
• Experience building bespoke solutions in high-growth and high-complexity environments is preferred
• Experience with AWS, Azure, or Google Cloud Platform ecosystems and tooling is highly preferred