Home › Companies › Whoop › Security Engineer, IAM
Security Engineer, IAM
Whoop · Boston, MA · On Site · Active · Lever
Job facts
| Field | Value |
|---|---|
| Company | Whoop |
| Title | Security Engineer, IAM |
| Normalized title | - |
| Department / team | Information Security |
| Location | Boston, MA, United States |
| Work model | On Site |
| Employment type | - |
| Salary | - |
| Status | active |
| ATS provider | Lever |
| Posted / first seen | 2026-03-12 / 2026-05-29 |
| Changed / last seen | 2026-06-06 / 2026-06-06 |
Related slices
| Page | What it contains | Open |
|---|---|---|
| Company jobs | Active postings from Whoop. | Open |
| Company breakdowns | Role, location, ATS, and work model facets for this company. | Open |
| ATS provider jobs | Active postings observed through Lever. | Open |
| Provider filtered search | The same provider as a filtered job collection. | Open |
| City jobs | Active postings in Boston. | Open |
| Work model jobs | Active On Site postings. | Open |
| Lifecycle events | Open, update, close, and reopen events for this posting. | Open |
| Original posting | Canonical source or apply URL captured from the ATS. | Open |
Linked records
| Company | Whoop |
| Source | ecc909db-1586-4810-ade6-cdf769612277 |
| ATS provider | Lever |
Description
Responsibilities
Implement authentication and authorization controls across SaaS platforms, cloud infrastructure, and internal applications
Configure and maintain SSO, MFA, conditional access policies, and federation integrations
Assist with the evolution of single sign-on (SSO), multi-factor authentication (MFA), conditional access, and zero trust access models
Assist in design and enforce role-based and attribute-based access control models (RBAC/ABAC) across cloud and SaaS systems
Validate identity provider integrations, including application onboarding and SCIM provisioning
Partner with Engineering to secure application authentication flows, API access, service-to-service authentication, and token management
Harden and optimize identity provider configurations, including lifecycle management, federation, and SCIM provisioning
Support AWS IAM security, including policy implementation, role configuration, cross-account access management, and identity federation
Implement privileged access and identity lifecycle controls, including provisioning, deprovisioning, access reviews, entitlement governance, least privilege enforcement, and just-in-time access mechanisms
Secure APIs, service accounts, and non-human identities used in automation and CI/CD workflows
Implement and improve identity monitoring and detection capabilities, including anomaly detection, session risk analysis, and identity threat response
Partner with GRC to support identity-related audits, evidence collection, and control validation across frameworks such as ISO 27001, SOC 2, PCI DSS, and GDPR
Contribute to incident response efforts involving identity compromise, credential abuse, or unauthorized access events
Qualifications
3+ years of experience in IAM engineering or identity architecture
Hands-on experience with enterprise identity providers such as Okta, Azure AD, or similar enterprise IAM platforms
Strong understanding of modern authentication and authorization protocols, including SAML, OAuth 2.0, OIDC, SCIM, and JWT
Experience designing and implementing RBAC and/or ABAC models in cloud-native environments
Strong knowledge of AWS IAM, cross-account access models, and cloud identity federation
Experience securing APIs, service accounts, machine identities, and CI/CD authentication workflows
Experience with privileged access management concepts and least privilege enforcement
Experience automating IAM tasks using scripting or infrastructure-as-code tools (i.e., Python, Terraform, or similar infrastructure-as-code tooling)
Familiarity with identity threat detection and response methodologies
Bachelor’s degree in Computer Science, Cybersecurity, or related field; relevant certifications (i.e., CISSP, CISM, GIAC, AWS Security Specialty, Okta Certified Professional) or equivalent practical experience will also be considered
Full job record
| Job ID | eb11242985991f55216eaaf6c026c11f98945f25 |
| Org ID | 81b7662b-beb5-42b7-a56b-1a3be62744eb |
| Source ID | ecc909db-1586-4810-ade6-cdf769612277 |
| Board ID | ecc909db-1586-4810-ade6-cdf769612277 |
| Provider | lever |
| Provider Job Key | 7b4065d5-0cbb-47da-9d1e-3e52d9f75917 |
| Title | Security Engineer, IAM |
| Normalized Title | — |
| Status | active |
| Active | yes |
| Location Text | Boston, MA |
| Department | — |
| Team | Information Security |
| Employment Type | — |
| Workplace Type | on_site |
| Remote Policy | — |
| Country | United States |
| Region | MA |
| City | Boston |
| Salary Raw | — |
| Salary Min | — |
| Salary Max | — |
| Salary Currency | — |
| Salary Period | — |
| Source URL | https://jobs.lever.co/whoop/7b4065d5-0cbb-47da-9d1e-3e52d9f75917 |
| Apply URL | https://jobs.lever.co/whoop/7b4065d5-0cbb-47da-9d1e-3e52d9f75917/apply |
| First Seen At | 2026-05-29 07:01:38Z |
| Last Seen At | 2026-06-06 07:57:37Z |
| Last Checked At | 2026-06-06 07:57:37Z |
| Last Changed At | 2026-06-06 07:57:37Z |
| Inactive At | — |
| Source Posted At | 2026-03-12 16:07:17Z |
| Source Updated At | — |
| Raw Payload Uri | s3://job-postings-prod-raw-590183727216/raw/provider=lever/board=whoop/date=2026-06-06/2026-06-06T07-57-37-112Z-3a62ae598fc582af875adf7026536e582b340245001f88e50ac54fd067359829.json |
Event Fields
{
"content_hash": "83afecdd2d14af373f2771c1ff9b5bcdc4647c4622e15037ef3f9a7746671025",
"source_hash": "7526a32bc9a38509d30550ccc97cef05a14b8231d27ee5488c85e7bbfae05bba",
"last_changed_at": "2026-06-06T07:57:37.966Z",
"active_status": "active"
}Parsed Structured
{
"language": "en",
"location": {
"raw": "Boston, MA",
"city": "Boston",
"region": "MA",
"country": "United States",
"is_remote": false,
"confidence": 0.9
},
"salary_max": null,
"salary_min": null,
"inferred_at": "2026-06-06T07:57:37.762Z",
"launch_scope": {
"reason": "english_us_canada",
"included": true,
"language": "en",
"location": {
"raw": "Boston, MA",
"city": "Boston",
"region": "MA",
"country": "United States",
"is_remote": false,
"confidence": 0.9
},
"countries": [
"United States"
]
},
"remote_policy": null,
"salary_period": null,
"workplace_type": "on_site",
"salary_currency": null
}Extensions
{}Native Structured
{
"lists": [
{
"text": "Responsibilities",
"content": "<div>\n<ul style=\"margin-top: 12.0pt; margin-bottom: .0001pt;\">\n<li style=\"margin: 12pt 0in 0.0001pt 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Implement authentication and authorization controls across SaaS platforms, cloud infrastructure, and internal applications</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Configure and maintain SSO, MFA, conditional access policies, and federation integrations</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Assist with the evolution of single sign-on (SSO), multi-factor authentication (MFA), conditional access, and zero trust access models</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Assist in design and enforce role-based and attribute-based access control models (RBAC/ABAC) across cloud and SaaS systems</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Validate identity provider integrations, including application onboarding and SCIM provisioning</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Partner with Engineering to secure application authentication flows, API access, service-to-service authentication, and token management</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Harden and optimize identity provider configurations, including lifecycle management, federation, and SCIM provisioning</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Support AWS IAM security, including policy implementation, role configuration, cross-account access management, and identity federation</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Implement privileged access and identity lifecycle controls, including provisioning, deprovisioning, access reviews, entitlement governance, least privilege enforcement, and just-in-time access mechanisms</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Secure APIs, service accounts, and non-human identities used in automation and CI/CD workflows</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Implement and improve identity monitoring and detection capabilities, including anomaly detection, session risk analysis, and identity threat response</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Partner with GRC to support identity-related audits, evidence collection, and control validation across frameworks such as ISO 27001, SOC 2, PCI DSS, and GDPR</span></li>\n<li style=\"margin: 0in 0in 12pt 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Contribute to incident response efforts involving identity compromise, credential abuse, or unauthorized access events</span></li>\n\n</ul></div>"
},
{
"text": "Qualifications",
"content": "<div>\n<ul style=\"margin-top: 12.0pt; margin-bottom: .0001pt;\">\n<li style=\"margin: 12pt 0in 0.0001pt 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">3+ years of experience in IAM engineering or identity architecture</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Hands-on experience with enterprise identity providers such as Okta, Azure AD, or similar enterprise IAM platforms</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Strong understanding of modern authentication and authorization protocols, including SAML, OAuth 2.0, OIDC, SCIM, and JWT</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Experience designing and implementing RBAC and/or ABAC models in cloud-native environments</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Strong knowledge of AWS IAM, cross-account access models, and cloud identity federation</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Experience securing APIs, service accounts, machine identities, and CI/CD authentication workflows</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Experience with privileged access management concepts and least privilege enforcement</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Experience automating IAM tasks using scripting or infrastructure-as-code tools (i.e., Python, Terraform, or similar infrastructure-as-code tooling)</span></li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Familiarity with identity threat detection and response methodologies</span></li>\n<li style=\"margin: 0in 0in 12pt 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;\"><span style=\"font-family: 'Proxima Nova';\">Bachelor’s degree in Computer Science, Cybersecurity, or related field; relevant certifications (i.e., CISSP, CISM, GIAC, AWS Security Specialty, Okta Certified Professional) or equivalent practical experience will also be considered</span></li>\n\n</ul></div>"
}
],
"country": "US",
"createdAt": 1773331637157,
"updatedAt": null,
"categories": {
"team": "Information Security",
"location": "Boston, MA",
"allLocations": [
"Boston, MA"
]
},
"salaryRange": null,
"workplaceType": "onsite"
}Get this page with API
Rendered from the bluedoor Job Postings API. Reproduce it:
GET https://api.bluedoor.sh/job-postings/v1/jobs/eb11242985991f55216eaaf6c026c11f98945f25?include=descriptionJSONGET https://api.bluedoor.sh/job-postings/v1/orgs/81b7662b-beb5-42b7-a56b-1a3be62744ebJSONGET https://api.bluedoor.sh/job-postings/v1/sources/ecc909db-1586-4810-ade6-cdf769612277JSONGET https://api.bluedoor.sh/job-postings/v1/jobs/eb11242985991f55216eaaf6c026c11f98945f25/eventsJSON