IAM Engineer (Security Team)

We are looking for an IAM Engineer to join our Security team. The role sits at the intersection of development, infrastructure, and information security.

This position is ideal for someone with strong expertise in identity and access management systems, who understands how to implement RBAC models within company processes and is ready to automate routine tasks.

* Our team is Russian-speaking, so we’re currently looking for candidates with Russian as a native language to ensure smooth and comfortable communication within the team

What we expect:

• Solid understanding of access management processes in large organizations
• Hands-on experience with deployment and integration of IdP solutions: Okta / Keycloak / SailPoint
• Strong knowledge of RBAC, ABAC, PBAC, and experience embedding access models into IDM systems and company workflows
• Understanding of authentication and authorization protocols: SAML, OIDC, OAuth2, LDAP, Kerberos, SCIM
• Experience with provisioning/deprovisioning automation, onboarding/offboarding processes
• Experience with Git and CI/CD pipelines
• Understanding of cloud IAM services (e.g., AWS or GCP)
• Knowledge of Python or Go for automation tasks

Nice to have:

• Experience integrating LLMs via APIs / MCP into existing systems
• Infrastructure as Code skills (Terraform, Ansible)
• Experience with MDM solutions
• Familiarity with ELK stack
• Experience in incident investigation and participation in CTF challenges

Requirements

• Design, implement, and maintain Identity and Access Management (IAM) solutions across the organization
• Integrate and support IdP systems (e.g., Okta, Keycloak, SailPoint) with internal and external services
• Develop and enforce access control models (RBAC, ABAC, PBAC) aligned with business processes
• Automate user lifecycle management (provisioning, deprovisioning, onboarding, offboarding)
• Implement and maintain authentication and authorization flows (SAML, OAuth2, OIDC, LDAP, Kerberos, SCIM)
• Collaborate with engineering, DevOps, and security teams to embed IAM into infrastructure and applications
• Build and maintain automation scripts/tools (Python or Go) to reduce manual effort and improve efficiency
• Manage and optimize IAM in cloud environments (AWS, GCP)
• Contribute to CI/CD pipelines and ensure secure integration of IAM processes
• Monitor, troubleshoot, and resolve access-related issues and incidents
• Participate in security audits, access reviews, and compliance initiatives
• Document IAM processes, standards, and best practices

Benefits

• 25 vacation days and 5 family days yearly
• Flexible start to the workday
• Support from a professional corporate coach and psychologist
• Regular internal and external activities, workshops, trips, and corporate events
• Access to our internal knowledge base, meetups, and team-building activities
• Ongoing training in new technologies and continuous professional development support