Senior Security IAM Engineer Lisboa

Senior Security IAM Engineer
Lisboa
Lisboa, Lisboa, Portugal

Social network you want to login/join with:

Description

Scopely is looking for a Senior IAM Security Engineer to support our global IT Security team in Europe on a hybrid basis or remote basis. This individual will apply their advanced expertise to build and mature our modern IAM program in a way that is relevant to a global, complex,
- driven organization. In this position, you will work closely with security, platform engineering, and infrastructure teams to design, build, and evolve Scopely’s IAM architecture to meet the needs of a
- scale,
- cloud, and
- driven environment. At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily.

What You Will Do:

1. Own and evolve Scopely’s modern IAM architecture to support a dynamic,
   - native environment across AWS, GCP, and Saa
   S applications.
2. Design and implement federated identity management (OIDC, SAML, SCIM) and
   - based access control (RBAC) /
   - based access control (ABAC) across internal and external platforms.
3. Develop scalable access automation solutions for developer
   - service,
   - privilege access, and ephemeral credentials.
4. Build and manage
   - wide authentication and authorization strategies leveraging modern identity providers like Okta, AWS IAM Identity Center, and Google Cloud IAM.
5. Partner with security and engineering teams to implement
   - trust principles and enforce adaptive access controls.
6. Automate provisioning, deprovisioning, and access audits with Infrastructure-as-Code (Terraform, Pulumi) and identity workflows.
7. Lead IAM threat modeling, access reviews, and anomaly detection to proactively identify misconfigurations or abuse.
8. Drive adoption of passwordless authentication, MFA everywhere, and
   -
   - time access to minimize risk.
9. Collaborate with compliance and security teams to ensure IAM policies align with regulatory requirements (SOC2, ISO27001).
10. Serve as a subject matter expert on identity security, mentoring other engineers and influencing security strategy.
11. Collaborate with game teams to align workforce and gaming IAM strategies, ensuring seamless integration, security, and compliance across all identity and access management initiatives.

What We’re Looking For:

1. Experience working at a startup or
   - scale technology company (FANG, unicorn, or
   - growth Saa
   S)—you understand how identity needs to scale.
2. Deep expertise in modern IAM principles—federation,
   - grained access controls, identity lifecycles, and
   - trust authentication.
3. Strong knowledge of cloud IAM models—AWS IAM, Google Cloud IAM, Azure AD, and their best practices for securing
   - scale environments.
4. Proficiency in at least one programming/scripting language (Python, Go, Type
   Script, or similar) for automating IAM workflows.
5. Hands-on experience with OAuth2, OIDC, SAML, SCIM, and integrating identity providers (Okta, Auth0, AWS IAM Identity Center, Google Workspace).
6. Ability to build and manage IAM automation pipelines using Infrastructure-as-Code (Terraform, Pulumi) and CI/CD workflows.
7. Familiarity with Just-in-Time access management (JIT), ephemeral credentials (AWS STS, Google Workload Identity), and
   - based security.
8. Comfortable working with
   - scale distributed systems and
   - friendly IAM models—you know how to support an engineering culture without excessive friction.
9. A strong threat modeling and security mindset, with the ability to anticipate risks and proactively mitigate IAM-related attack vectors.
10. Understanding of Identity and Access Governance and how it can apply in a
    - growth,
    - scale environment.
11. Strong ability to effectively communicate complex IAM concepts, risks, and solutions to both technical and
    - technical stakeholders, ensuring alignment with business and security objectives.

Must Haves:

1. Bachelor's degree in Computer Science, Information Security, or equivalent experience.
2. 5+ years of
   - on IAM security engineering experience in a
   - first,
   - scale environment.
3. Experience designing IAM architectures for global organizations with complex access needs.
4. A modern approach to IAM—you embrace automation, least privilege, and
   - aware security rather than legacy solutions.
5. Experience implementing and operating IAM-related security tools such as AWS IAM Access Analyzer, Google Cloud Policy Intelligence, Okta Workflows, and CIEM (Cloud Infrastructure Entitlement Management) platforms.
6. You have worked in a
   - growth startup or a
   - scale tech company and thrived.
7. You are comfortable navigating ambiguity and making
   - driven security decisions without requiring explicit direction.

Bonus Points for:

1. Experience with passwordless authentication (Web
   Authn, FIDO2).
2. Previous work securing B2B or B2C authentication flows.
3. Contributions to
   - source IAM or security tooling.
4. Building
   - friendly IAM automation tools that streamline security without adding excessive friction.