MongoDB Senior IAM & Security Engineer 

Australia, New South Wales, Sydney 

911481000

We are seeking a highly experienced Senior IAM & Security Engineer with deep expertise in IAM, cloud security, automation, and endpoint security. In this role, you will lead the design, implementation, and ongoing management of complex security solutions at scale while partnering closely with cross-functional teams to strengthen our security posture and streamline secure access across our global environment.

• Lead administration and enhancement of IAM platforms, including Okta, AWS, GCP, and Azure IAM, ensuring secure, least-privilege, and scalable access models
• Architect and implement SSO (SAML, OIDC, OAuth2), signals sharing and global token revocation alongside building policies to strengthen authentication and user verification
• Develop, optimize, and enforce role-based access control (RBAC) models and identity governance workflows to improve access security and audit readiness
• Automate complex identity lifecycle processes (provisioning, deprovisioning, just-in-time access) leveraging Terraform/OpenTofu and Python at scale
• Define and enforce security controls for GitHub repository management, ensuring secure and compliant CI/CD pipeline access

• Lead security design and enforcement across multi-cloud environments (AWS, GCP, Azure) focusing on IAM policies, resource permissions, and access control best practices
• Build and maintain automated security configurations and policy enforcement using Terraform/OpenTofu, CloudFormation, and Python scripting
• Conduct comprehensive cloud security assessments, identifying misconfigurations, excessive privileges, and areas of risk
• Support and enhance network security solutions, including Cloudflare WARP, VDI access controls, and next-gen VPN alternatives

• Manage and improve MDM platforms (JAMF, Workspace ONE, Kolide) and implement advanced device trust policies for macOS, Windows, and Linux endpoints
• Automate continuous compliance monitoring and enforce security baselines for corporate and BYOD devices across the organization
• Lead deployment and evolution of Zero Trust security frameworks integrating device posture signals into IAM policies and access decisions

• Develop, maintain, and optimize security automation workflows using Tines, Python, and PowerShell to reduce manual effort and improve incident response
• Support Splunk SIEM platform administration including log analysis, alert tuning, and building automated incident workflows
• Monitor, investigate, and respond to IAM and cloud security incidents; lead root cause analysis and drive remediation efforts

• 5+ years of hands-on experience in IAM, Cloud Security, or Security Engineering roles with increasing responsibility
• Deep expertise with IAM solutions such as Okta, AWS IAM, GCP IAM, Azure AD, and identity federation technologies
• Strong knowledge of authentication protocols and standards including OAuth2, OIDC, SAML, and MFA best practices
• Proven experience with Infrastructure as Code (Terraform/OpenTofu, CloudFormation) and security automation, preferably Tines, at scale
• Proficiency in scripting languages such as Python, Bash, or PowerShell to build and maintain automation tooling
• Experience managing MDM solutions and designing device security and compliance policies
• Familiarity with SIEM tools (Splunk preferred), endpoint monitoring, and security alerting platforms

• AWS Certified Security Specialty
• Okta Certified Administrator/Consultant
• CISSP or equivalent advanced security certification

Req ID - 2263186526