Identity Access Management Architect
About the position
Aurora’s mission is to deliver the benefits of self-driving technology safely, quickly, and broadly.
The Aurora Driver will create a new era in mobility and logistics, one that will bring a safer, more efficient, and more accessible future to everyone.
At Aurora, you will tackle massively complex problems alongside other passionate, intelligent individuals, growing as an expert while expanding your knowledge. For the latest news from Aurora, visit aurora.tech or follow us on LinkedIn.
Reporting directly to the Head of Cloud Security, you will serve as the IAM Architect across our workforce, customer, and partner domains. We’ve moved past the basics; our stack is built on Zero Trust principles, featuring SPIRE, Open Policy Agent (OPA), and a custom-built group management engine. We need a leader who can navigate the space between high-level strategy and deep-stack execution.
You will own the full IAM lifecycle, evolving our existing infrastructure into a scalable, modern ecosystem that serves as a competitive advantage for our operations.
In this role you will
Responsibilities
• Develop and champion the target-state IAM architecture and roadmap, ensuring alignment with overall business strategy and security requirements.
• Lead the evaluation, selection, and deployment of new IAM products and technologies (IGA, PAM, AM, Directory Services).
• Define and govern IAM policies, standards, and procedures with cloud first infrastructure.
• Provide architectural guidance for complex access control models, role engineering, and segregation of duties (SoD) enforcement.
• Architect solutions for Federation/SSO, ensuring secure and seamless access for partners and customers.
• A deep understanding of access models such as RBAC, ABAC, PBAC.
Requirements
• 10+ years of progressive experience in Information Security, with at least 4 years focused on architecting and implementing IAM solutions in a large enterprise environment.
• Expert-level knowledge of at least one major Cloud Identity Provider (e.g., Azure, AWS IAM) and/or a major Customer Identity and Access Management (CIAM) platform.
• Deep understanding of core IAM protocols: SAML, OAuth 2.0, OpenID Connect (OIDC), SCIM, and LDAP.
• Technical Skills (must have experience in at least some of the following areas):
Identity Governance and Administration (IGA): SailPoint, Saviynt, Conductor One, or similar.
• Privileged Access Management (PAM): CyberArk, HashiCorp Vault, Delinea, or similar.
• Multi-Factor Authentication (MFA): FIDO2/WebAuthn, biometric solutions, or platform-native MFA tools.
• API Security: Protecting APIs using OAuth scopes and claims.
• Soft Skills: Strong analytical, problem-solving, and communication skills. Ability to create clear, concise documentation (architecture diagrams, design documents).
Nice-to-haves
• Proven ability to lead complex IAM solutions from concept to production.
• Ability to influence and collaborate with other areas of the business.
Benefits
• The successful candidate will also be eligible for an annual bonus, equity compensation, and benefits.
Apply tot his job
Apply To this Job
Aurora’s mission is to deliver the benefits of self-driving technology safely, quickly, and broadly.
The Aurora Driver will create a new era in mobility and logistics, one that will bring a safer, more efficient, and more accessible future to everyone.
At Aurora, you will tackle massively complex problems alongside other passionate, intelligent individuals, growing as an expert while expanding your knowledge. For the latest news from Aurora, visit aurora.tech or follow us on LinkedIn.
Reporting directly to the Head of Cloud Security, you will serve as the IAM Architect across our workforce, customer, and partner domains. We’ve moved past the basics; our stack is built on Zero Trust principles, featuring SPIRE, Open Policy Agent (OPA), and a custom-built group management engine. We need a leader who can navigate the space between high-level strategy and deep-stack execution.
You will own the full IAM lifecycle, evolving our existing infrastructure into a scalable, modern ecosystem that serves as a competitive advantage for our operations.
In this role you will
Responsibilities
• Develop and champion the target-state IAM architecture and roadmap, ensuring alignment with overall business strategy and security requirements.
• Lead the evaluation, selection, and deployment of new IAM products and technologies (IGA, PAM, AM, Directory Services).
• Define and govern IAM policies, standards, and procedures with cloud first infrastructure.
• Provide architectural guidance for complex access control models, role engineering, and segregation of duties (SoD) enforcement.
• Architect solutions for Federation/SSO, ensuring secure and seamless access for partners and customers.
• A deep understanding of access models such as RBAC, ABAC, PBAC.
Requirements
• 10+ years of progressive experience in Information Security, with at least 4 years focused on architecting and implementing IAM solutions in a large enterprise environment.
• Expert-level knowledge of at least one major Cloud Identity Provider (e.g., Azure, AWS IAM) and/or a major Customer Identity and Access Management (CIAM) platform.
• Deep understanding of core IAM protocols: SAML, OAuth 2.0, OpenID Connect (OIDC), SCIM, and LDAP.
• Technical Skills (must have experience in at least some of the following areas):
Identity Governance and Administration (IGA): SailPoint, Saviynt, Conductor One, or similar.
• Privileged Access Management (PAM): CyberArk, HashiCorp Vault, Delinea, or similar.
• Multi-Factor Authentication (MFA): FIDO2/WebAuthn, biometric solutions, or platform-native MFA tools.
• API Security: Protecting APIs using OAuth scopes and claims.
• Soft Skills: Strong analytical, problem-solving, and communication skills. Ability to create clear, concise documentation (architecture diagrams, design documents).
Nice-to-haves
• Proven ability to lead complex IAM solutions from concept to production.
• Ability to influence and collaborate with other areas of the business.
Benefits
• The successful candidate will also be eligible for an annual bonus, equity compensation, and benefits.
Apply tot his job
Apply To this Job