Senior Application Security IAM Engineer

Mark43 is approved to hire in Canada, the UK, and 45 U.S. states, including Arizona, California (excluding San Francisco), Colorado, Connecticut, Washington D.C., Florida, Georgia, Iowa, Idaho, Illinois, Indiana, Kansas, Massachusetts, Maryland, Maine, Michigan, Minnesota, Missouri, North Carolina, Nebraska, New Hampshire, New Jersey, New Mexico, New York, Ohio, Oklahoma, Oregon, Pennsylvania, South Carolina, Tennessee, Texas, Utah, Virginia, Vermont, Washington, Wisconsin, and West Virginia. Before applying to a remote role, please ensure that

Mark43 is approved to hire in Canada, the UK, and 45 U.S. states, including Arizona, California (excluding San Francisco), Colorado, Connecticut, Washington D.C., Florida, Georgia, Iowa, Idaho, Illinois, Indiana, Kansas, Massachusetts, Maryland, Maine, Michigan, Minnesota, Missouri, North Carolina, Nebraska, New Hampshire, New Jersey, New Mexico, New York, Ohio, Oklahoma, Oregon, Pennsylvania, South Carolina, Tennessee, Texas, Utah, Virginia, Vermont, Washington, Wisconsin, and West Virginia. Before applying to a remote role, please ensure that you are able to  perform the position in one of the states listed above. State locations and specifics are subject to change as our hiring requirements shift. Applicants must be authorized to work for any employer in the country in which the role is being hired. We are unable to sponsor or take over sponsorship of an employment visa at this time. 

Mark43’s mission is to empower communities and their governments with new technologies that improve the safety and quality of life for all. We build powerful, scalable, and elegant software that sets a new standard for the tools upon which our first responders rely. Our users are diverse, and we are therefore committed to embracing diversity of thought and experience within our team. We’re seeking an experienced and innovative Senior IAM Security Engineer to own, build, and operate the critical infrastructure that secures our platform and customer data. As a senior member of the Mark43 Security team, you will be responsible for our identity and access management ecosystem, from architecture to implementation. You’ll contribute to building robust, scalable, and secure solutions to unique challenges at the intersection of public safety and cloud technology. As an engineer at Mark43, you'll have the freedom to design and implement your own solutions, driving our zero-trust strategy forward and having a meaningful impact on our security posture. 

What You’ll Do 

If you were a part of our team, here are some things you would have done last week:

• Spent time working with a Product Manager to understand requirements for a new identity feature.
• Designed, built, and maintained our core IAM services and infrastructure using languages like Java, Typescript, or Java.
• Implemented and managed authentication and authorization solutions using protocols like OIDC, OAuth2, and SAML.
• Developed and supported integrations for Single Sign-On (SSO), multi-factor authentication (MFA) with technologies like Yubikey, and automated user lifecycle management (SCIM).
• Administered and enhanced our Azure EntraID and B2C environments to meet security and scalability needs.
• Contributed to our zero-trust architecture using tools like OpenZiti or other modern secure access solutions.
• Reviewed code submitted by other engineers and submitted your own code for review as part of our secure software development/deployment process.
• Written clear, concise technical documentation to accompany your code that your teammates will trust.
• Nurtured an engineering culture that cares deeply about security and the quality of the code we write, while still working quickly to bring our technology to as many customers as possible.
• Participated in an on-call.

What You’ll Need:

We are seeking engineers with at least 3 years of professional experience in Identity and Access Management and software engineering. You should be comfortable utilizing agile development methodologies and have a passion for building secure, reliable systems. Our codebase is large and complex, so we expect you to write clear, concise code and intuitive documentation to help other engineers understand your contributions.

• Deep understanding of authentication and authorization concepts and protocols (SSO, MFA, SCIM, OIDC, OAuth2).
• Hands-on experience with cloud identity providers, preferably Azure EntraID and/or B2C.
• Proficiency in at least one language such as Java, Typescript, Go, Python, etc.
• Experience with securing CI/CD pipelines, infrastructure-as-code, and container orchestration (e.g., Kubernetes).
• Experience with FedRAMP, or other NIST 800-53 based compliance frameworks is a plus.
• Experience in maximizing efficiency with the help of GenAI-infused tooling.
• Familiarity with AWS services and securing cloud environments.
• Knowledge of, or prior experience with zero-trust networking principles and tools (e.g., OpenZiti, ngrok) is a strong plus.
• Commitment to providing support for other members of the team and developing cooperative working relationships.
• Leaning in to contribute to the company outside your role - our engineers have written blog posts, attended events, and helped grow our team.

People who thrive on our team also tend to share the following characteristics:

• Humble, open, and curious. You recognize that no one is perfect and you will be wrong, and you’re excited about listening and learning being a big part of your job.
• Attentive, active listeners. You’re interested in what others have to say and illustrate your interest with your actions.
•  You do not shy away from challenging work and you proactively help your team solve problems.
• Enthusiastic collaborators. You understand that the best outcomes are achieved through shared ownership, and seek to spread knowledge and expand participation rather than restrict it.
• Comfortable with uncertainty. You know that sometimes problems and situations can’t be simplified or fully understood, and are at ease working within this type of haziness.
• Passionate about personal growth. You view mistakes as opportunities for learning, and want to grow as a designer, colleague, and person.
• Eager to help others. You look for ways to provide support for more junior members of the team and develop cooperative working relationships.

We feel passionately about equal pay for equal work, and transparency in compensation is one vehicle to achieve that. Total compensation for this role is market competitive, including a target base annual salary range of $110,000 - $135,000, plus bonus opportunity, company stock options, and a full benefits package, including health insurance, paid time off, and a 401k plan. Our Privacy Notice describes how Mark43 uses and protects the personal information of prospective employees during the recruitment process. It informs you about our handling of the personal information you provide to us when you apply for a position in our organization and in general when you express your interest in joining our team. As a part of Mark43's security measures all employees must: Engage in appropriate use of the company's electronic information resources; Become knowledgeable about and follow relevant security policies and guidelines; Protect the resources under their control, such as passwords, computers, and data that they create, receive, or download; and Promptly report security-related incidents and violations, and responding to official reports of security incidents involving their systems or accounts.Mark43 is committed to the full inclusion of all qualified individuals. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. As part of this commitment, we will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed, please email recruiting@Mark43.com requesting the accommodation.