Security Engineer, Identity and Access Management (IAM)

At JetBrains, code is our passion. Since 2000, we’ve focused on helping developers work faster by automating routine checks and fixes.  Our tools are used by over 12.5 million people worldwide, including eighty-eight Fortune Global 100 companies.

We are seeking a detail-oriented IAM Security Specialist to lead the integration, support, and governance of our identity ecosystem. You will be the bridge between technical implementation and security compliance, ensuring that every identity, whether human or machine, has exactly the permissions it needs and nothing more. Your focus will be on building scalable RBAC models and maintaining a rigorous access review cycle.

Key responsibilities

System integration and support:

• Lead the technical integration of new applications and services into our centralized IAM platform.
• Provide expert support for complex authentication/authorization issues and serve as a technical escalation point.
• Maintain and optimize IAM infrastructure, including SSO (SAML, OAuth 2.0, OIDC), MFA, and PAM solutions.

Access governance and permission reviews:

• Execute and oversee periodic access re-certifications, ensuring compliance across periodic audit cycles (SOC 2).
• Conduct detailed permission reviews for individuals and system integrations to enforce the Principle of Least Privilege (PoLP).

RBAC and ABAC modeling:

• Design, document, and implement Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) frameworks across a wide range of systems.
• Partner with cross-functional teams (IT, Product, HR) to define business roles and translate them into technical entitlements.

Required skills and experience

• 3+ years of professional experience focused on Identity and Access Management (IAM) engineering or architecture.
• Proven experience administering enterprise IAM solutions and integrating them with diverse systems (e.g., Okta, Auth0, Ping Identity, Microsoft Entra ID).
• Scripting and automation skills using a scripting language such as Python, Go, Bash, or PowerShell.
• Familiarity with cloud IAM solutions (e.g., AWS IAM, GCP IAM).
• Solid understanding of networking, security protocols, and SSO technologies and standards, including SAML, OAuth 2.0, and OIDC.

Preferred qualifications

• Experience in the software development industry, particularly with managing access to source code repositories (Git/GitHub/GitLab) and CI/CD tools (TeamCity, GitLab CI).
• Hands-on experience with Privileged Access Management (PAM) concepts and tools.
• Knowledge of Zero Trust Architecture (ZTA) principles and how to apply them to developer workflows.
• Security certifications (e.g., CISSP, CISA, relevant vendor certifications).
• Familiarity with compliance frameworks relevant to software vendors (SOC 2).
  
  

Why join JetBrains?

JetBrains provides a highly technical and intellectually stimulating environment. You'll work on identity and access management systems used by millions of developers, with the opportunity to work with cutting-edge technologies every day. Help us keep our tools and systems secure. 
We offer:

• Strong base salary. We offer competitive pay that reflects your skills and experience.
• Flexible work location. Enjoy the freedom to work from home or from the office.
• Remote work. Spend up to 30 days per year working remotely from abroad.
• Extra time off. More days to relax, recharge, and do the things you love.
• Medical insurance allowance. Enjoy peace of mind for you and your family.
• Learning and development opportunities. Access to conferences, courses, and language classes.
• Relocation support. We help make your move as smooth and stress-free as possible.
• Language classes. Pick up the local language or sharpen your English skills.
• Fuel your day. Enjoy a hot meal or receive a lunch allowance on workdays.
• Mental health support. To help you feel your best, we provide easy access to professional mental health services.
• Sports benefit. Enjoy an on-site gym or sports club stipend.
• Internal events. Join company-wide celebrations and team gatherings.

*Some benefits may vary depending on location.

#LI-HYBRID
#LI-DS1 

We are an equal opportunity employer

We know great ideas can come from anyone, anywhere. That’s why we do our best to create an open and inclusive workplace – one that welcomes everyone regardless of their background, identity, religion, age, accessibility needs, or orientation.

We process the data provided in your job application in accordance with the Recruitment Privacy Policy.