Note: The job is a remote job and is open to candidates in USA. Life360 is a company dedicated to keeping families connected through its innovative mobile app and services. They are seeking a Senior IAM Engineer to own the enterprise identity platform, focusing on automation, governance, and system design to enhance identity management processes across the organization.
Responsibilities
- Own the enterprise identity platform as an engineering system — architect SSO integrations, lifecycle workflows, MFA policy, and group provisioning in Okta using IaC as the source of truth; configuration drift is a bug, not a ticket
- Engineer the identity lifecycle management layer — design access control models and codify provisioning/deprovisioning workflows in IaC, partnering with HR systems to eliminate manual access operations and return clean provisioning capability to the helpdesk tier
- Engineer access governance across the cloud and SaaS portfolio — own role assignments, group structures, and access controls across cloud infrastructure and collaboration platforms; design and automate periodic access reviews so auditability is structural, not procedural
- Harden the device-to-identity trust boundary — own device trust integrations between our identity provider and MDM platforms, ensuring device compliance signals are correctly evaluated in access policy and that the control surface is fully codified
- Rationalize and consolidate legacy identity surface — lead the technical cleanup of orphaned accounts, stale SSO integrations, and guest access sprawl across the SaaS portfolio; treat this as technical debt reduction with measurable outcomes
- Build the IAM measurement layer — define, instrument, and track KPIs (access review completion rates, provisioning latency, orphaned account age, ticket volume trends) that justify investment decisions and demonstrate program maturity to Security leadership
- Define the identity layer of our access request platform — architect the entitlement structures and access controls exposed through our self-service access tooling; codify the configuration in IaC and own the integration contract between identity infrastructure and the employee-facing access experience
- Contribute to a unified service catalog — ensure identity workflows are clearly surfaced through a single employee-facing entry point and that the handoff between self-service and engineer-owned provisioning is unambiguous
- Use AI coding agents as a first-class part of the identity engineering workflow — draft and validate Terraform modules, provisioning logic, and access-policy changes with AI assistance, and own review of anything AI-generated before it reaches production identity infrastructure
Skills
- Production experience in engineering and operating an enterprise identity platform at scale; SSO, lifecycle management, MFA, application integrations, and group-based access, with a strong bias toward configuration-as-code over manual administration
- Strong IaC skills are required (Terraform or equivalent) applied to identity infrastructure — you write modules, manage state, and treat IaC plans as the change control mechanism
- Deep working knowledge of SAML 2.0, OAuth 2.0, OIDC, and SCIM — you can debug a broken SAML assertion, reason through an OAuth flow, and design a SCIM provisioning schema without looking things up— including hands-on experience with custom authorization servers
- Experience designing access control models in SaaS-heavy, remote-first environments. You understand the difference between a pragmatic access model and one that will collapse under growth
- Experience governing access across cloud and SaaS platforms via SSO and SCIM — including group structures, permission boundaries, and collaboration platform controls
- Comfort writing code to automate identity operations — Python, Go, or similar; you reach for a script before you reach for a ticket
- Track record of defining measurable outcomes for security/identity programs and communicating them to non-technical stakeholders
- Demonstrated fluency with AI coding/agent tools in a production engineering context — you can describe an end-to-end AI-assisted workflow you built (not just tool usage), and you know how to review AI-generated IaC or configuration before it ships
- Experience integrating device trust between an identity provider and MDM platforms to enforce compliance as a condition of access
- Familiarity with self-service access request platforms
- Experience operating in SOX, SOC 2, GDPR, CCPA, or COPPA compliance environments
- Exposure to zero-trust architecture patterns and their application to workforce identity
Benefits
- Competitive pay and benefits.
- Medical, dental, vision, life, and disability insurance plans (100% paid for US employees). We offer supplemental plans for medical and dental for Canadian employees.
- 401(k) plan with company matching program in the US and RRSP with DPSP plan for Canadian employees.
- Employee Assistance Program (EAP) for mental wellness.
- Flexible PTO and 12 company-wide days off throughout the year.
- Winter and Summer Weeklong Synchronized Company Shutdowns
- Learning & Development programs.
- Equipment, tools, and reimbursement support for a productive remote environment.
- Free Life360 Platinum Membership for your preferred circle.
- Free Tile Products
Company Overview
Company H1B Sponsorship