Senior Identity Access Management Engineer
$158k - $279kFull-time
Roku
TEAMWORK MAKES THE STREAM WORK.
ROKU IS CHANGING HOW THE WORLD WATCHES TV
Roku is the #1 TV streaming platform in the U.S., Canada, and Mexico, and we've set our sights on powering every television in the world. Roku pioneered streaming to the TV. Our mission is to be the TV streaming platform that connects the entire TV ecosystem. We connect consumers to the content they love, enable content publishers to build and monetize large audiences, and provide advertisers unique capabilities to engage consumers. From your first day at Roku, you'll make a valuable - and valued - contribution. We're a fast-growing public company where no one is a bystander. We offer you the opportunity to delight millions of TV streamers around the world while gaining meaningful experience across a variety of disciplines.ABOUT ROLE
Roku is seeking a senior-level Identity Engineer to enhance its Zero-Trust architecture, drive standardization initiatives, and optimize its Microsoft-centric identity platform for a geographically distributed workforce. The ideal candidate has hands-on experience in identity and access management (IAM) and securing cloud environments within the Microsoft ecosystem, with deep expertise in Azure Entra ID. Equally important is a strong automation mindset—designing, scripting, and building repeatable workflows. The role also requires the ability to communicate complex technical concepts clearly to both technical and non-technical audiences. For Massachusetts Only - The estimated annual salary for this position is between $158,000 - $279,000 annually. Compensation packages are based on factors unique to each candidate, including but not limited to skill set, certifications, and specific geographical location. This role is eligible for health insurance, equity awards, life insurance, disability benefits, parental leave, wellness benefits, and paid time off.WHAT YOU'LL BE DOING
* Lead enterprise-wide IAM standardization, including identity lifecycle, access governance, and policy enforcement across global regions. * Drive automation across IAM to streamline administration and deliver a smoother user experience. * Support enterprise applications onboarding into Azure Entra ID, including SSO, Conditional Access, and role-based access control (RBAC). * Enhance privileged access management and implement scalable monitoring, alerting, and auditability solutions to support a secure, geographically distributed workforce. * Collaborate with IT, Networking, and Security teams to troubleshoot identity-related issues and support global infrastructure initiatives. * Advance Zero Trust Identity Fabric principles like continuous verification, least-privilege access, and identity-aware policy enforcement across users, devices, workloads, and non-human identities. * Build identity automation with a DevOps mindset, writing scripts, developing pipelines, and engineering tooling from scratch rather than just configuring them.WE'RE EXCITED IF YOU HAVE
* 8+ years of hands-on experience with identity and access management and automating cloud technologies, particularly within the Microsoft ecosystem. * Strong analytical skills and attention to detail, with the ability to troubleshoot complex infrastructure and identity-related issues. * Excellent communication skills, with the ability to clearly explain technical concepts to both technical and non-technical stakeholders. * Deep experience with Microsoft Entra ID, including Conditional Access, Identity Governance, and Privileged Identity Management. * Familiarity with Microsoft 365 services: Exchange Online, Defender, Purview, Sentinel, Intune, and related platforms. * Automation and scripting skills using PowerShell, Azure CLI, and Microsoft Graph API; working knowledge of Azure services such as Function Apps and Logic Apps. * Experience in onboarding and managing enterprise applications in Azure Entra ID. * Advanced knowledge of Azure Single Sign-On (SSO) login methods, including OAuth2, OpenID Connect, and SAML, and their integration with enterprise applications. * Knowledge of privileged access tools (Azure PIM, CyberArk, etc), secrets management (HashiCorp or Azure Key Vault), and workload identity patternsSPIFEE & SPIRE.
* Familiarity with NHI governance concepts for service accounts and AI agents, and exposure to OPA / Rego or similar policy-as-code frameworks. * Good to have familiarity with Microsoft Purview for DLP and data classification.- Strong understanding of multi-factor authentication and FIDO2.
- Familiarity with IT security frameworks and compliance standards.
- Knowledge of logging, monitoring, and alerting practices for identity and
- Basic understanding of email security and DNS.
- Experience with backup and recovery strategies for identity-related services.
- Understanding of Zero Trust Architecture principles.
- Familiarity with Jira and Confluence.
- B.S. in Computer Science, Information Technology, Engineering, or equivalent
#LI-RN1
OUR HYBRID WORK APPROACH
Roku fosters an inclusive and collaborative environment where teams work in the office Monday through Thursday. Fridays are flexible for remote work except for employees whose roles are required to be in the office five days a week or employees who are in offices with a five day in office policy.BENEFITS
Roku is committed to offering a diverse range of benefits as part of our compensation package to support our employees and their families. Our comprehensive benefits include global access to mental health and financial wellness support and resources. Local benefits include statutory and voluntary benefits which may include healthcare (medical, dental, and vision), life, accident, disability, commuter, and retirement options (401(k)/pension). Employees are supported in taking time off, in accordance with local leave policies and other personal needs to support their evolving work and life needs. It's important to note that not every benefit is available in all locations or for every role. For details specific to your location, please consult with your recruiter.ACCOMMODATIONS
Roku welcomes applicants of all backgrounds and provides reasonable accommodations and adjustments in accordance with applicable law. If you require reasonable accommodation at any point in the hiring process, please direct your inquiries to View email address on click.appcast.io [View email address on click.appcast.io?subject=Job%20Application%20Accommodations].THE ROKU CULTURE
Roku is a great place for people who want to work in a fast-paced environment where everyone is focused on the company's success rather than their own. We try to surround ourselves with people who are great at their jobs, who are easy to work with, and who keep their egos in check. We appreciate a sense of humor. We believe a fewer number of very talented folks can do more for less cost than a larger number of less talented teams. We're independent thinkers with big ideas who act boldly, move fast and accomplish extraordinary things through collaboration and trust. In short, at Roku you'll be part of a company that's changing how the world watches TV. We have a unique culture that we are proud of. We think of ourselves primarily as problem-solvers, which itself is a two-part idea. We come up with the solution, but the solution isn't real until it is built and delivered to the customer. That penchant for action gives us a pragmatic approach to innovation, one that has served us well since 2002. To learn more about Roku, our global footprint, and how we've grown, visit [ By providing your information, you acknowledge that you want Roku to contact you about job roles, that you have read Roku's Applicant Privacy Notice [ and understand that Roku will use your information as described in that notice. If you do not wish to receive any communications from Roku regarding this role or similar roles in the future, you may unsubscribe at any time by emailing View email address on click.appcast.io [View email address on click.appcast.io?subject=Unsubscribe%20Request%20].Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the Senior Identity Access Management Engineer in Boston, MA vacancy
$113.87k - $165.11k
Job Summary The Senior Identity & Access Manager (IAM) Engineer is responsible for designing, implementing, and managing the identity and access management framework within Northeastern University. The role utilizes deep knowledge of IAM technologies, security protocols...Senior$130.8k - $209.4k
Moderna is seeking a Senior IAM Engineer in Cambridge, Massachusetts to enhance its identity governance capabilities. This role combines technical leadership and hands-on engineering in identity management across the enterprise. The ideal candidate will have a Bachelor...Senior$95.86k - $208.27k
..., and have the flexibility and access to constantly find new areas of... ...KPMG is currently seeking a Senior Associate, Privileged Access Management Delivery Engineer to join our Advisory Services... ...solutions as part of enterprise Identity & Access Management (IAM) programs...SeniorFull timeH1bLocal area- BioSpace is seeking a Senior IAM Engineer to enhance its identity governance capabilities. This role emphasizes technical leadership and hands-on engineering in access governance and identity lifecycle management across complex, regulated environments. The successful candidate...Senior
$113.87k - $165.11k
The Chronicle Of Higher Education, Inc. is seeking a Senior Identity & Access Management Engineer to oversee IAM system design and management at Northeastern University. The role requires extensive experience in IAM technologies and security protocols to protect sensitive...Senior- Initial Therapeutics, Inc. is looking for a Senior IAM Engineer in Cambridge, Massachusetts. This role requires expertise in Identity Governance & Administration (IGA) to design and enhance identity governance capabilities across the enterprise. The ideal candidate will...Senior
- Kymera Therapeutics in Boston is seeking a Desktop Engineer to enhance endpoint management and user support within a hybrid Microsoft environment. This... ..., device management with Intune, and contributions to identity management. The ideal candidate will have 5+ years of experience...Senior
$135k - $182.1k
Senior Identity and Access Management Specialist Bank of America’s Global Information Security (GIS) is seeking a highly experienced Senior Identity and Access Management (IAM) Specialist to lead access provisioning initiatives across a complex enterprise environment. The...SeniorShift workDay shift$130.8k - $209.4k
Moderna Therapeutics in Cambridge is seeking a Senior IAM Engineer to enhance identity governance capabilities. You will manage design, implementation, and continuous improvement across the enterprise systems. Ideal candidates have over 8 years in IT or cybersecurity and...Senior$130.8k - $209.4k
The Role Moderna is seeking a Senior IAM Engineer with expertise in Identity Governance & Administration (IGA) to help design, build,... ...leadership with hands‑on engineering, focused on access governance, identity lifecycle management, and provisioning across a complex, highly...SeniorPermanent employmentWork from home$185k - $234.65k
...knowledge you've gained, and the personal interests that shape who you are. Position Overview The Senior Director of Identity Access Management (IAM) & Data Security Engineering is a senior leadership role responsible for the strategy, architecture, engineering, and...SeniorFull timeWork at officeLocal areaVisa sponsorshipFlexible hours$113.87k - $165.11k
Northeastern University in Boston is hiring a Senior Identity & Access Manager (IAM) Engineer to oversee the design and implementation of IAM frameworks. The role requires strong expertise in security protocols like SAML and OAuth, along with tools such as Microsoft Active...Senior- The Senior Systems Engineers (SE) serves as the technical authority within a project... ...other engineers, program management, quality, external partners... ...and this position requires access to export-controlled... ...sexual orientation, gender identity or expression, or any other...SeniorFor contractorsWork at officeLocal area
- ...Description Mantis Innovation provides managed facility services and turnkey program management... ...and implementation. The Sr. Project Engineer helps clients identify, design, and... ...uneven surfaces, bending, reaching, and accessing confined or restricted equipment areas....SeniorTemporary workWork at officeLocal areaRemote workFlexible hoursNight shift
$150k - $180k
...We have an immediate need for a Senior Electrical Engineer in Newton, MA. Come join our team... ...Record, LiRo-Hill provides construction management, engineering, environmental,... ...affectional or sexual orientation, gender identity or expression, or protected veteran status...SeniorFull timeLocal areaImmediate start$120k - $180k
...Job Description Job Description Senior Mechanical Engineer US-MA-Newton Job ID: 2025-3167... ..., LiRo-Hill provides construction management, engineering, environmental, architectural... ...or sexual orientation, gender identity or expression, or protected veteran status...SeniorLocal areaImmediate start$150k - $180k
...Job Description Job Description Senior Electrical Engineer US-MA-Newton Job ID: 2025-3192... ..., LiRo-Hill provides construction management, engineering, environmental, architectural... ...or sexual orientation, gender identity or expression, or protected veteran status...SeniorLocal areaImmediate start- DraftKings is seeking a Senior Product Manager for Access & Identity in Boston. This role involves leading the strategy and execution of initiatives that drive customer value and business growth. You will define the product roadmap, manage teams, and ensure compliance...Senior
$135k - $182.1k
Koitecc Solutions is looking for a Senior Identity and Access Management Specialist in Boston. This role involves leading access provisioning initiatives and ensuring compliance with security practices across various platforms like Active Directory, Azure, and AWS. The...Senior$127k - $249k
...The Team Platform Engineering is the department within SRE that... ...alerting systems. The Fleet Management team provides the core... ...sexual orientation, gender identity or expression, or any other... ..., mental health counseling, access to transgender-inclusive health...SeniorWork at officeLocal areaRemote workWorldwideFlexible hours$135k - $182.1k
Bank of America is hiring a Senior Identity and Access Management (IAM) Specialist in Boston. This critical role demands 10+ years of proven experience in IAM, focusing on leading access provisioning initiatives across enterprise platforms. The ideal candidate will have...Senior$124k - $280k
...people in data and analytics engineering focus on leveraging advanced... ...services Designing and managing data warehouses and data lakes... ...orientation, and gender identity); age; disability; genetic information... ...to responsibilities such as accessing sensitive company or...SeniorFull timeH1b$135k - $182.1k
Bank of America is seeking a Senior Identity and Access Management Specialist to oversee access provisioning initiatives within a complex enterprise setting. This role emphasizes securing access to systems while adhering to regulatory standards. Candidates should have over...Senior$125k - $205k
...right creators, execute fully managed campaigns, and drive... ...About the role: The Senior Engineer is responsible for driving... ...Diversity, inclusion, and accessibility: At Later, we are committed... ..., religion, gender, gender identity or expression, national origin...SeniorPermanent employmentLocal areaRemote work$130k
...Job Description Job Description Senior Structural Engineer US-MA-Newton Job ID: 2026-3295... ..., LiRo-Hill provides construction management, engineering, environmental, architectural... ...or sexual orientation, gender identity or expression, or protected veteran status...SeniorWork at officeLocal areaImmediate start- ...Job Description Job Description Senior Environmental Engineer / Geologist US-MA-Newton Job... ...the nation's top A/E and Construction Management firms by Engineering News-Record,... ...affectional or sexual orientation, gender identity or expression, or protected veteran...SeniorImmediate start
- Senior Cybersecurity Engineer — Vulnerability and Threat Management Dartmouth College has a Tobacco-Free Policy. Smoking and the use of tobacco-based products (including... ..., national origin, sexual orientation, gender identity or expression, disability, veteran status,...Senior
- ...upgrade manufacturing. We are engineers with deep experience across... ...manufacturing tech more accessible to every industry. Our company... ...Hardware Group is looking for a Senior Mechanical Engineer to help... ..., sexual orientation, gender identity, disability, genetic information...SeniorTemporary workWork at officeFlexible hours
$136k - $170k
The Crown Is Yours As a Senior Product Manager, Access & Identity, you'll lead the strategy, execution, and delivery of high-impact initiatives that drive... ...success metrics that guide execution. Partner with Engineering, Design, Legal, Analytics, UX, and Operations teams to...SeniorFull time- ...specialize in geology, high-voltage engineering, and subsurface tool design.... ...early, including: access, power, water, pressure-control... ...delays and required decisions. Manage a small field team of approximately... ...status, disability, gender identity or Veteran status. If you...SeniorFor contractorsFor subcontractorWork at officeRemote workWorldwideDay shift
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Identity Access Management Engineer. Be the first to apply!
Related searches
- senior cloud service delivery manager Boston, MA
- senior business analyst contract Boston, MA
- senior product design engineer Boston, MA
- senior game producer Boston, MA
- senior software manager Boston, MA
- senior manager business analytics Boston, MA
- senior marketing account manager Boston, MA
- senior marketing manager Boston, MA
- senior contracts analyst Boston, MA
- sr operations manager Boston, MA



