FreshRemote.Work

Sr. Engineer, Identity and Access Management - Product Security (Remote)

USA CA Remote

#WeAreCrowdStrike and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We work on large scale distributed systems, processing over 1 trillion events a day with a petabyte of RAM deployed in our Cassandra clusters - and this traffic is growing daily. We’re looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to developing and shaping our cybersecurity platform. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight.

About the Role:

Help us protect CrowdStrike and its customers from the most advanced threats!

As a Sr. Engineer in Product Security specializing in IAM – you will play a critical role in ensuring the security of our multi-cloud-native Falcon platform. Identity and Access are foundational to our customers’ trust – and you will be responsible for designing, implementing, and maintaining access systems that protect this trust. This dynamic, collaborative role will expose you to industry-expert engineers across the whole Product organization, and give you hands-on in-depth experience with our scaled, event-driven, distributed infrastructure.

We believe in “One Team. One Fight.” – and our team reflects this. You will be empowered to make decisions, apply your deep expertise, and have your voice heard. We will trust you to get the job done and chase our mission without someone looking over your shoulder. Our team will grow together – and you will mentor and lead more junior engineers that are eager to learn.

What You’ll Do:

  • Design, implement, and maintain access control solutions for our multi-cloud platform

  • Ensure performance, reliability, and usability of access systems across a large number of services and users.

  • Manage security risk and governance for identity and access – including identity lifecycle, least-privilege control design, threat modeling, verification, and audit 

  • Develop scripting and automation solutions to streamline access operations and integrations.

  • Lead and manage projects involving diverse cross-functional stakeholders, ensuring alignment and successful delivery while building deep relationships with product and engineering leaders

  • Stay up-to-date with the latest advancements in IAM and cybersecurity to continuously improve our security posture.

  • Provide technical leadership and mentorship to junior security engineers and participate in interviewing new talent.

What You’ll Need:

  • Deep expertise in cloud IAM services (e.g. AWS IAM, Azure Entra, GCP IAM, OCI IAM) 

  • Experience building access provisioning and governance systems-as-a-service (e.g. just-in-time, self-service, zero trust, service mesh)

  • Familiarity with infrastructure as code (e.g. Terraform, SaltStack, Ansible)

  • Strong understanding of identity federation and SSO (e.g. OAuth, OIDC, SAML, SCIM)

  • Proficiency in scripting and automation to ease IAM operations and integrations (e.g., Python, Bash, Go).

  • Experience with Cloud-scale, business-critical Linux and/or other Unix-like variant environments

  • Experience operating at scale and complexity in services and users.

  • Demonstrated ability to run projects with diverse stakeholders and ensure successful delivery in a fast-paced environment with teams that engineer products and bring them to market.

Bonus Points:

  • Experience with Microsoft Active Directory design and management.

  • Experience with compliance frameworks (e.g., NIST, FedRAMP, FIPS, PCI-DSS).

  • Familiarity with cloud security and experience securing cloud-based applications and services in AWS, GCP, OCI, and/or Azure Cloud environments.

#LI-SF1

#LI-MF1

#LI-Remote

#HTF

This role will require the candidate to periodically undergo and pass additional background and fingerprint check(s) consistent with government customer requirements.

Benefits of Working at CrowdStrike:

  • Remote-first culture

  • Market leader in compensation and equity awards

  • Competitive vacation and flexible working arrangements 

  • Comprehensive and inclusive health benefits

  • Physical and mental wellness programs

  • Paid parental leave, including adoption 

  • A variety of professional development and mentorship opportunities

  • Offices with stocked kitchens when you need to fuel innovation and collaboration

CrowdStrike is proud to be an equal opportunity and affirmative action employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

CrowdStrike, Inc. is committed to fair and equitable compensation practices. The base salary range for this position in the U.S. is $135,000 - $210,000 per year + variable/incentive compensation + equity + benefits. A candidate’s salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications and location.

Expected Close Date of Job Posting is:01-06-2025 Apply

Job Profile

Regions

North America

Countries

United States

Restrictions

Remote Remote-first culture

Benefits/Perks

Autonomy Autonomy and flexibility Career development Competitive vacation Competitive vacation and flexible working arrangements Comprehensive and inclusive health benefits Equal Opportunity and Affirmative Action Equity Equity awards Flexibility Flexible working arrangements Health benefits Inclusive culture Inclusive health benefits Inclusive, remote-first culture Market leader in compensation Market leader in compensation and equity Mental wellness programs Mentorship Mentorship opportunities Offices with stocked kitchens Paid parental leave Paid parental leave, including adoption Physical and mental wellness Physical and mental wellness programs Professional development Professional development and mentorship opportunities Remote-first company Remote-first culture Stocked kitchens Wellness programs

Tasks
  • Collaboration
  • Design access control solutions
  • Develop automation solutions
  • Ensure performance and reliability
  • Lead cross-functional projects
  • Manage projects
  • Manage security risk and governance
  • Mentor junior engineers
  • Provide technical leadership
  • Provide technical leadership and mentorship
  • Technical Leadership
  • Threat modeling
Skills

Access provisioning Active Directory Ansible Audit Automation AWS AWS IAM Azure Azure Entra Bash Cassandra Cassandra clusters Cloud Cloud environments Cloud iam Cloud-native platform Cloud Security Collaboration COM Compliance Compliance frameworks Cybersecurity Distributed Systems Engineering Falcon FedRAMP Flexibility GCP Gcp iam Go Governance Governance systems IAM Identity and Access Management Identity federation Infrastructure Infrastructure as Code Innovation Leadership Linux Management Mentorship Microsoft Multi-cloud NIST OAUTH OCI Oci iam OIDC Organization PCI Product Security Python Recruiting Reliability SaltStack SAML SCIM Scripting Security SSO Systems Technical Technical Leadership Terraform Threat modeling UNIX

Education

AS BE Business Cybersecurity Distributed systems Engineering Relevant Work Experience

Certifications

Cloud Security Linux

Timezones

America/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9