Senior Identity Management Engineer

• Platform Implementation: Complete baseline environment configuration for Ping Directory and Conductor One across Dev and Prod tiers. • Workforce Automation: Integrate HRIS (Workday) with the IGA platform to automate Joiner-Mover-Leaver (JML) processes. • Technical Connectivity: Build and validate production-ready connectors for the core ecosystem, including Okta, AWS, Google, Slack, and Squad. • Compliance Hardening: Deploy "Justify or Revoke" workflows and automated reporting to support SOX/ISO privileged access reviews. • Identity Isolation: Execute the migration of Workforce and Service identities to Ping Directory. • Operational Readiness: Define technical test plans, draft formal procedural documentation for audits, and create system runbooks for the permanent operations team. Your primary focus will be the build, deployment, and configuration of the core IAM platform.

• Experience: 4+ years in Information Security, with at least 2 years specifically focused on implementing IAM solutions in large enterprise environments. • Identity Expertise: Expert-level knowledge of at least one major Cloud Identity Provider (AWS IAM, Azure) and core protocols including SAML, OAuth 2.0, OIDC, SCIM, and LDAP. • Modern Principles: Deep understanding of Zero Trust principles and access models such as RBAC, ABAC, and PBAC. • Education: Bachelor’s or Master’s degree in Computer Science, IT, or equivalent practical experience. • Ability to develop code in either Python or Go. • Identity Providers: Experience with integration patterns with IdPs such as Okta, Auth0 or Microsoft Entra ID. • IGA/PAM: Experience with Conductor One, SailPoint, Saviynt or similar platforms. • Directory Services: Hands-on experience with Ping Directory or similar LDAP solutions. Including monitoring for performance and fine-tuning CPU, Memory and Storage. • Cloud Infrastructure: Understanding of AWS cloud infrastructure and security concepts. Comfortable with Kubernetes and Infrastructure-as-Code (IaC) such as Terraform and Helm and CI/CD platforms such as ArgoCD. • API Security: Experience protecting APIs using OAuth scopes and claims. • Troubleshoot and resolve complex integration and performance issues across the IAM stack. The base salary range for this position is $162,000 - $235,000 per Year . Aurora’s pay ranges are determined by role, level, and location. Within the range, the successful candidate’s starting base pay will be determined based on factors including job-related skills, experience, qualifications, relevant education or training, and market conditions. These ranges may be modified in the future. The successful candidate will also be eligible for an annual bonus, equity compensation, and benefits. Working at Aurora At Aurora, we bring together extraordinarily talented and experienced people united by the strength of our values. We operate with integrity, set outrageous goals, and build a culture where we win together — all without any jerks. We believe in-person work increases collaboration, empathy and our ability to lead effectively. As a result, we operate in a hybrid work environment where Aurorans are in office at least 3 days per week. Our Careers page provides insight into what it is like to work at Aurora, and you can find all the latest updates in our Newsroom .