The RoleDo you care deeply about secure access at scale? Making sure the right people have the right access, exactly when they need it, without slowing teams down? Join Moveworks and help shape the future of our identity and access strategy.At Moveworks, we believe great security is an enabler, not a blocker. As a Senior Identity & Access Management Engineer, you’ll be a hands-on technical developer, coding, designing, building, and scaling IAM solutions across cloud infrastructure, SaaS applications, and internal systems. You’ll own the development of IAM initiatives end-to-end, from untangling ambiguous access challenges to architecting secure, automated solutions and driving them into production.In this role, you’ll develop robust access models across AWS, Azure, Kubernetes, and beyond; reduce privilege sprawl through thoughtful role design; and build strong observability through logging, metrics, and reporting in our SIEM. You’ll modernize access reviews to deliver real security impact with minimal friction, continuously de-risk IAM threats, and partner closely with teams to drive adoption of secure-by-default patterns.Your work will directly protect Moveworks’ most critical systems while enabling our engineers to move fast, safely, and confidently.
What you get to do in this role:Be the technical developer to drive IAM application development: Code, design, and implement solutions with extensive knowledge in AWS, Azure, Teleport, and Terraform. Enabling robust and reliable solutions to keep our engineering teams active.Drive IAM projects end-to-end: Take ambiguous access problems, understand and have the ability to define requirements, architect solutions, and own the rollout/operationalization (not just the design).Develop with secure access models in mind: Continuously develop role design improvements and access assignment patterns across AWS, Kubernetes, SaaS apps, and internal systems to reduce unnecessary privileges, minimize manual grants, and create scalable “safe baseline” access that covers routine work without daily elevation.Develop on operationalizing logging and metrics: Ensure access changes are observable in our Security Information and Event Management (SIEM) tool; build repeatable reporting that surfaces risky access and drift.Run and improve user access reviews (UAR): Develop, execute and design a UAR process & solution that meets compliance requirements while improving real security signal—minimizing approver burden through scoping, automation, and clear decision support.Develop technology to continuously de-risk: Identify high-risk permissions and misuse paths, propose appropriate controls and mitigations, drive adoption with partner teams, and develop solutions to continuously de-risk.Operate with strong security judgment and high signal: Reliably distinguish meaningful IAM risk from noise, gather context efficiently, and escalate with crisp rationale and actionable mitigations.Document and standardize the paved road: Write lightweight procedures, runbooks, and automation so access decisions are consistent, scalable, and not dependent on tribal knowledge.
