Senior Security Engineer, IAM

About Handshake Handshake was founded on a simple belief that everyone deserves a path to a great career, regardless of where they went to school or who they know. Today, we power 25 million job seekers, 1 million+ employers, and 1,600 educational institutions. In 2025, we started Handshake AI and built the fastest-growing AI data business in history. We work directly with frontier AI lab researchers to create evaluations, publish benchmarks, and push the boundary of data. We’ve grown from $0 to ~$1B run rate and pay ~$60M to over 30K individuals every month. Why join Handshake now: Shape how every career evolves in the AI economy, at global scale, with impact your friends, family and peers can see and feel Partner hand-in-hand with world-class AI labs, Fortune 500 partners and the world’s top educational institutions Work together with engineers, scientists, operators, and more from Palantir, Meta, Scale AI, and former YC founders Build a massive, fast-growing business with billions in revenue About the Role Handshake is seeking a Senior Security Engineer to own the architecture, design, and implementation of our enterprise identity automation and governance ecosystem. You’ll define the long-term IAM automation strategy, build resilient and scalable lifecycle workflows, and enable secure-by-default identity operations across SaaS, cloud, and internal platforms. You’ll partner closely with Security, IT Engineering, People Operations, and Product/Platform Engineering to deliver highly automated, auditable, and reliable identity solutions. In this role, you will: Architect, build, and own automated onboarding, offboarding, and access-change workflows across Okta, Workday, SCIM, and event-driven systems. Engineer integration layers between identity platforms and internal applications using Python, REST APIs, Webhooks, and Terraform. Implement error-handling, reconciliation logic, telemetry, and monitoring to ensure reliability and determinism in identity lifecycle events. Modernize existing provisioning logic and replace manual processes with scalable automation frameworks. Develop tooling and pipelines enabling version-controlled, testable, observable IAM automation. Act as a technical owner for Handshake’s IAM ecosystem, including Okta, Google Workspace, GCP, AWS IAM, and internal access systems. Engineer and optimize authentication & authorization protocols (OIDC, OAuth2, SAML, JWT), fine-grained access policies, and scalable RBAC/ABAC models. Build custom automation using Okta Workflows or API-driven orchestration. Design SOC2-compliant access controls, approvals, attestations, and auditability mechanisms. Build automated access certification systems with full data lineage. Conduct identity-related incident forensics and implement preventative automation. Provide cross-functional leadership, setting standards, best practices, and reference architectures for identity automation. Serve as service owner for IAM automation platforms with accountability for uptime, consistency, and continuous improvement. Desired Capabilities 4–7+ years of hands-on IAM engineering, identity automation, or identity governance experience. Strong scripting/automation skills in Python, Node.js, and REST-based integrations. Experience with IAM platforms such as Okta, Google Workspace/GCP, Azure AD, or similar. Deep understanding of identity protocols, token flows, SCIM, and distributed lifecycle orchestration. Experience with Terraform or other infrastructure-as-code frameworks. Ability to diagnose complex identity issues across SaaS, cloud, and distributed systems. Strong understanding of DevOps practices, observability, and secure engineering principles. Demonstrated ownership mindset across architecture, implementation, monitoring, and iterative improvement. Extra Credit Advanced experience with GCP IAM, Google Workspace IAM, AWS IAM, cross-account access patterns, and policy automation. Experience with Okta Workflows, SailPoint/IGA, or Privileged Access Management (PAM) solutions. Experience designing scalable authorization models for high-growth or distributed organizations. Certifications such as Okta Architect, Azure Identity Engineer, CISSP. Prior experience in SaaS, high-growth, or distributed engineering environments. Perks Handshake delivers benefits that help you feel supported—and thrive at work and in life. The below benefits are for full-time US employees. 🎯 Ownership: Equity in a fast-growing company 💰 Financial Wellness: 401(k) match, competitive compensation, financial coaching 🍼 Family Support: Paid parental leave, fertility benefits, parental coaching 💝 Wellbeing: Medical, dental, and vision, mental health support, wellness stipend 📚 Growth: Learning stipend, ongoing development 💻 Remote & Office: Internet, commuting, and free lunch/gym in our SF office 🏝 Time Off: Flexible PTO, 15 holidays + 2 flex days 🤝 Connection: Team outings & referral bonuses Explore our mission, values, and comprehensive US benefits at joinhandshake.com/careers .

{
  "content_hash": "7a04e80b79087f2d788e67a7a14b41599776981301d0cf7a5eccb7163f1f4d47",
  "source_hash": "df5e53d1334da91ff5e573e95e1814c373dffda7c03c58fdd23122a678351dd7",
  "last_changed_at": "2026-05-29T06:43:08.773Z",
  "active_status": "active"
}

{
  "language": "en",
  "location": {
    "raw": "San Francisco, CA",
    "city": "San Francisco",
    "region": "CA",
    "country": "United States",
    "is_remote": true,
    "confidence": 0.9
  },
  "salary_max": null,
  "salary_min": null,
  "inferred_at": "2026-06-06T09:32:27.514Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "San Francisco, CA",
      "city": "San Francisco",
      "region": "CA",
      "country": "United States",
      "is_remote": true,
      "confidence": 0.9
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": "remote",
  "salary_period": null,
  "workplace_type": "remote",
  "salary_currency": null
}

{}

{
  "id": "56cb1fa6-2309-441e-a323-05671f09e523",
  "team": "Engineering, IT",
  "title": "Senior Security Engineer, IAM",
  "jobUrl": "https://jobs.ashbyhq.com/handshake/56cb1fa6-2309-441e-a323-05671f09e523",
  "address": null,
  "applyUrl": "https://jobs.ashbyhq.com/handshake/56cb1fa6-2309-441e-a323-05671f09e523/application",
  "isListed": true,
  "isRemote": false,
  "location": "San Francisco, CA",
  "updatedAt": null,
  "apiVersion": "ashby-non-user-graphql-v1",
  "department": "Engineering",
  "publishedAt": null,
  "workplaceType": null,
  "employmentType": "FullTime",
  "secondaryLocations": []
}