Who We Are

The Identity & Access Management team builds and manages systems to support all aspects of Identity Lifecycle and Access Control for Wayfair’s growing workforce, leaning heavily on automation to create scalable solutions to help the Security team fulfill its mission of security by design. We are currently looking for a Senior Identity Solutions Manager to help bring our Identity & Access program into the next generation.This role will be responsible for analyzing and identifying gaps and needs in our Identity platforms and working with our engineering and analyst teams to develop robust, forward-thinking solutions. This role will also collaborate extensively with other security teams and external stakeholders as a subject matter expert and advocate for Identity and Access best practices. Our ideal candidate is most effective in a fast-paced collaborative environment, delights in new problem areas, and is driven by curiosity and a creative spirit.

What You’ll Be Doing

• Work closely with IAM & Security leadership to identify gaps in current IAM solutions and develop roadmaps to address growth areas
• Collaborate with internal and external stakeholders to develop and uphold best practices for Identity federation and integration
• Serve as an SME across all IAM competencies and capabilities, including Identity Federation, User and Service authentication and authorization, attribute and group orchestration, Enterprise Role-Based Access, Access Certification, and Application Integration
• Support the lifecycle of Identity & Access tools and applications and work with cross-functional project teams to ensure that solutions are to specification and provide quantifiable value
• Develop metrics and OKRs to track the success of of IAM initiatives and report to IAM & Security leadership
• Consult with broader Infrastructure team on topics of authentication and authorization, offering best practices and developing additional tooling to create improved experiences for developers that require authentication and authorization in their applications
• Stay abreast of IAM industry best practices and new solutions (including open source and off the shelf products) to help improve our patterns and tech stack
• Makes highly complex decisions without oversight, acting as a primary leader accountable for decision-making, quality-control, and results delivery for their line of business

What You Will Need to Be Successful

• At least 7 years of dedicated Identity Management experience in an lead engineering or technical analyst capacity (or related), preferably at a large organization servicing tens of thousands of identities or more
• Deep technical understanding of Identity & Access Management systems including federation patterns, brokering, external/internal Identity, standard protocols (OAuth2.0, SAML, SCIM), directory management, and privileged access management
• Experience overseeing end-to-end execution of large-scale initiatives from requirements gathering to launch, including documentation and maintenance of artifacts
• Experience building products in cloud and hybrid environments, and knowledge of GCP and/or Azure native capabilities
• Excellent communication skills to effectively collaborate with all levels of engineering and the business
• Excellent quantitative analysis, diagramming, and work management skills
• Bachelor’s Degree in Computer Science or Engineering, or a related technical field, equivalent practical experience

Preferred Skills

• Past experience in application development (engineer or architect) or application development support (product management, business analysis), preferably in Java or Python
• Experience with IDaaS Solutions like Okta or SailPoint
• Thorough understanding of RESTful APIs and authenticating and authorizing against them
• Proven experience with database query (or query-like) languages (e.g. SQL)
• Familiar with DevOps principles and source code and configuration management practices using Git
• Familiarity with open-source authorization tools such as Keycloak, Open Policy Agent, and Casbin
• Experience with event-driven architectures and streaming data platforms (e.g Kafka, GCP Pub/Sub)
• Experience using Hashicorp stack (Terraform & Vault), Elastic Stack (Kibana & Elasticsearch), and Docker
• Broad familiarity with a wide variety of IT Directory and Infrastructural systems. Examples: ServiceNow, Jira, Active Directory, Google Cloud Platform, Workday, etc.