Smartsheet - Clyde Hill, WA
posted about 2 months ago
Full-time - Mid Level
Hybrid - Clyde Hill, WA
Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services
About the position
The Sr. Security Engineer I - Identity Access Management at Smartsheet is responsible for enhancing the company's IAM program, ensuring the security of critical systems and data. This role involves analyzing existing IAM platforms, designing robust authentication and authorization solutions, and collaborating with various teams to maintain a secure access environment. The position offers a chance to significantly impact Smartsheet's security posture through continuous improvement initiatives in IAM practices.
Responsibilities
- Formulate the overarching identity access management technical strategy and roadmap, including system design, standards, and procedures.
- Design and implement innovative solutions to tackle complex IAM challenges.
- Collaborate with product engineering teams and Corporate IT engineers to implement IAM security controls.
- Act as a subject matter expert and mentor colleagues in best practices for identity and access management.
- Investigate and respond to security incidents related to IAM, working with the broader security team.
- Aggregate and present IAM metrics to showcase ongoing efforts and progress.
- Drive continuous process improvement in identity and access management systems and processes.
- Enhance provisioning and access management processes in collaboration with IT and other business teams.
Requirements
- 7+ years of experience in cyber security or IT with direct work in identity management systems.
- Understanding of identity and access management concepts such as Role-based Access Control, user directories, Single Sign-On, privileged access management, and multifactor authentication (MFA).
- Experience with security tooling such as Endpoint Detection and Response (EDR), Virtual Private Networks (VPN), Vulnerability scanning tools, Cloud Security Posture Management (CSPM), and Security Information and Event Management (SIEM).
- Exceptional attention to detail.
- Excellent written and verbal communication skills.
- Strong interpersonal, analytical, and customer service skills.
- Familiarity with application programming interface (API) concepts and methods.
- Strong knowledge of frameworks like SOC2, NIST, CIS, and FEDRAMP.
- Working knowledge of privileged user management tools.
- General information security certification (e.g., CISSP, GSEC).
- Experience with IAM within Okta, AWS, Microsoft Azure, and Active Directory.
Benefits
- HSA with 100% employer-paid premiums or Buy-up medical/vision and dental coverage options for full-time employees.
- Restricted Stock Units (RSUs) for eligible roles.
- Employee Stock Purchase Program with a 15% discount.
- 401k Match (50% of your contribution up to the first 6% of your eligible pay).
- Monthly stipend to support work and productivity.
- Flexible Time Away Program, plus Incidental Sick Leave.
