Security Engineer, Identity and Access Management (IAM)

At JetBrains, code is our passion. Since 2000, we’ve focused on helping developers work faster by automating routine checks and fixes.  Our tools are used by over 12.5 million people worldwide, including eighty-eight Fortune Global 100 companies.

We are seeking a detail-oriented IAM Security Specialist to lead the integration, support, and governance of our identity ecosystem. You will be the bridge between technical implementation and security compliance, ensuring that every identity, whether human or machine, has exactly the permissions it needs and nothing more. Your focus will be on building scalable RBAC models and maintaining a rigorous access review cycle.

• Lead the technical integration of new applications and services into our centralized IAM platform.
• Provide expert support for complex authentication/authorization issues and serve as a technical escalation point.
• Maintain and optimize IAM infrastructure, including SSO (SAML, OAuth 2.0, OIDC), MFA, and PAM solutions.

• Execute and oversee periodic access re-certifications, ensuring compliance across periodic audit cycles (SOC 2).
• Conduct detailed permission reviews for individuals and system integrations to enforce the Principle of Least Privilege (PoLP).

• Design, document, and implement Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) frameworks across a wide range of systems.
• Partner with cross-functional teams (IT, Product, HR) to define business roles and translate them into technical entitlements.

• 3+ years of professional experience focused on Identity and Access Management (IAM) engineering or architecture.
• Proven experience administering enterprise IAM solutions and integrating them with diverse systems (e.g., Okta, Auth0, Ping Identity, Microsoft Entra ID).
• Scripting and automation skills using a scripting language such as Python, Go, Bash, or PowerShell.
• Familiarity with cloud IAM solutions (e.g., AWS IAM, GCP IAM).
• Solid understanding of networking, security protocols, and SSO technologies and standards, including SAML, OAuth 2.0, and OIDC.

• Experience in the software development industry, particularly with managing access to source code repositories (Git/GitHub/GitLab) and CI/CD tools (TeamCity, GitLab CI).
• Hands-on experience with Privileged Access Management (PAM) concepts and tools.
• Knowledge of Zero Trust Architecture (ZTA) principles and how to apply them to developer workflows.
• Security certifications (e.g., CISSP, CISA, relevant vendor certifications).
• Familiarity with compliance frameworks relevant to software vendors (SOC 2).