Security Engineer, Identity and Access Management
Chicago, IL
Flexport
Cut costs, automate workflows, reliably move goods, go carbon-neutral, and improve your supply chain from end to end. It all starts here.Enable Flexport to become the most trusted company in global trade
The Opportunity:
Flexport helps more than 10,000 clients and suppliers lead all aspects of their supply chain operations. Started in 2013, we've raised over $1.3B from investors that include the Founders Fund, Google Ventures, First Round Capital, Bloomberg Beta, Y Combinator, Wells Fargo, & Softbank.
With offices on three continents, our team is as global as our client base and we’re excited to continue building a product and service they love. Wherever you are, whichever role you play, you’re guaranteed to share your day with committed, encouraging, and resourceful team members.
Flexport is looking for Security Engineers to help Flexport establish itself as the most trusted company in the global trade ecosystem. As Security Engineer, Identity and Access Management, you will be responsible for driving enterprise identity and access management architecture, enabling automation and self-service capabilities that streamline the identity lifecycle,
What you’ll do:
- Design, implement, integrate, and maintain services that enable robust Identity and Access Management capabilities across the enterprise while reducing user friction.
- Deploy and manage secret and privileged access management technologies to enable secure access, application of least privilege principle and accountability for change/configuration management.
- Partner with HR, IT, and Security to build a central identity repository with current and accurate entity attribute data throughout the user lifecycle process.
- Partner with Security and IT to ensure centralized visibility of all identity-based audit logs, and the development of reporting and metrics to enable operational and compliance-based objectives.
- Improve upon basic SSO integrations to enable broader role- or attribute-based access controls, self-service and JIT provisioning, and overall user lifecycle management.
- Plan and support all phases of moderately complex projects.
- Create a culture of transparency, information sharing, and collaboration through the development of excellent documentation, mentoring of junior team members, and living Flexport’s values.
You should have:
- 5+ years of identity management, IDAAS, provisioning, user lifecycle automation, and federation in a fast-paced cloud-first global environment.
- 3+ years experience with
- LDAP-based directory services, such as, Active Directory, FreeIPA, or OpenLDAP,
- Web-based SSO technology, such as, Auth0, Okta, OneLogin, or KeyCloak,
- Privileged Access Management technology, and
- Enterprise Password Management.
- Strong experience in building and using web-based APIs (e.g. GraphQL, REST, SOAP, XML, JSON) in languages such as Go, Java, JavaScript, Python, and/or Ruby for identity-based integration and the automation of user lifecycle management.
- Deep understanding of identity-related protocols, such as, Kerberos, JWT, OAuth, OpenID Connect, SAML, SCIM, WebAuthn, etc.
- Strong direct experience with major IaaS and PaaS cloud platforms (e.g. Azure, AWS, GCP).
- Strong understanding of PKI, digital certificates, digital signatures, certificate and session management.
- Strong protocol level troubleshooting skills (e.g. LDAP, SAML, etc).
- Experience with Linux, Mac, and Windows operating systems at the client and server level.
- Experience with customer identity management is a plus.
- Excellence in problem-solving, strategic thinking, and collaboration with cross-functional teams.
- Experience with DevOps and SaaS environments.
- Strong interpersonal and communications skills.
Where you’ll work:
Our flagship office is on Market Street in San Francisco, but we also have engineering teams working out of our locations in Atlanta, Seattle, and Chicago. Remote work is also possible from CA, CO, DC, FL, GA, IL, NJ, NY, OR, PA, TX, VA, WA. As a truly global company, we don’t let geography slow us down. We rotate hack-a-thons and move Flexporters all around the world.
About Flexport:
Investing your time with Flexport means having immediate impact, all over the world. You’re empowered to do what’s best for everyone and trusted to make the right decisions when and where you need them. Join our collective of entrepreneurs and improve the world’s experience in global trade.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
We believe global trade can move the human race forward. That’s why it’s our mission to make global trade easier for everyone. We aim to do this by building the Operating System for Global trade - a strategic model combining advanced technology and data analytics, logistics infrastructure, and supply chain expertise. Flexport today connects almost 10,000 clients and suppliers across 109 countries, including established global brands like Georgia-Pacific as well as emerging innovators like Sonos. Started in 2013, we've raised over $1.3B in funding from SoftBank Vision Fund, Founders Fund, GV, First Round Capital and Y Combinator. We’re excited about the three big ways we’re moving forward after our $1B investment from SoftBank Vision Fund in February 2019.
Worried about not having any freight forwarding experience?
- Don’t be! We’re building the first Operating System for Global Trade. That’s why it’s incredibly important for us to bring people from diverse backgrounds and experiences together with our industry veterans to help move the freight forwarding industry forward.
- What’s freight forwarding and why does it matter? Freight forwarding is the coordination and shipment of goods from one place to another and it’s what makes global trade possible. Flexport is on a mission to make global trade easier for everyone because we believe it can help connect the world and break down economic barriers.
- We know this industry is complex. That’s why we invest in education starting day one with Flexport Academy, a one week intensive onboarding program designed specifically to set every new Flexport employee up for success.
At Flexport, our ability to fulfill our mission of making global trade easy for everyone relies on having a diverse, dedicated, and engaged workforce. That is why Flexport is committed to creating and nurturing an environment where anyone can be their authentic self. All qualified applicants will receive consideration for employment regardless of race, color, religion, sex, creed, national origin, age, physical and mental disability, health status, marital and family status, sexual orientation, gender identity and expression, military and veteran status, and any other characteristic protected by applicable law.
Tags: Active Directory Analytics APIs Automation AWS Azure Cloud Compliance DevOps GCP IaaS Java JavaScript JSON Kerberos LDAP Linux OpenID PaaS PKI Python Ruby SaaS SAML SSO Windows XML
Perks/benefits: Transparency
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs