Security Engineer (L5) - IAM

Job Description

Netflix is the world's leading streaming entertainment service with 250+ million paid memberships in over 190 countries enjoying TV series, documentaries, and feature films across a wide variety of genres and languages. This is made possible, in part, by an engineering organization that enables our customers to stream content and our studio to produce content. Identity and Authentication Security (IAS) at Netflix is responsible for creating and operating identity and authentication services and solutions to provide seamless, secure and risk-aware access to Netflix resources. Our workforce and partners are global, and they access our information with different patterns from a variety of locations and devices. Our IAM use cases will continue to become more complex as we increase investment in Netflix Originals content production ecosystems, including Gaming and LIVE streaming. To ensure security and ease of information access for our fast-paced growth, we invest in Identity as a perimeter in the open internet with reliable and secure IAM services to protect our information. The Role This role is a unique opportunity to design and build Identity and Access security solutions for Netflix’s global employee and partner user base that spans the full spectrum of our business including Enterprise, Studio, Gaming, Ads, Live Streaming, and more. You will be part of the Identity Integrations and Solutions Engineering (IISE) team within IAS, focusing on core Identity Lifecycle Management, Consultation, and Solutions that achieve our dual mission of enabling our business stakeholders while reducing access risk to Netflix resources. Your deep IAM domain expertise will be critical in all aspects of solution design and delivery, including implementation, partner integration, and rollout strategy. Internally, you will work closely with partners across the Security and Engineering organizations in areas including, but not limited to: fine-grained access controls, policy driven security, identity governance, access management, privileged access management, user provisioning/deprovisioning, and federation.

What you’ll need to be successful:

• You are a pragmatic security engineer with a proven track record of architecting, building and operating complex Identity Lifecycle and Access Control solutions.
• Strong IAM fundamentals - AAA (Authentication, Authorization, Accountability), and Identity lifecycle
• Experience working with authentication and authorization standards and protocols (OpenID Connect, SCIM, OAuth, SAML, AD/LDAP, Federation, SSO).
• Proven track record designing, building and or operating complex Access Models by making informed decisions using deep understanding of industry standards such as RBAC/ABAC/PBAC etc.
• Experience running services on top of a Cloud computing platform (e.g., AWS, Microsoft Azure, GCP)
• You believe in risk focused, scalable security approaches with a strong technical background in developing and maintaining low latency, high resiliency, and high-availability, services.
• Experience in at least one modern programming language such as Java (preferred) or Python and mastery of object-oriented design and programming.
• You prefer collaboration and problem solving over process and mandates and are also comfortable dealing with ambiguity and independent decision making.
• You have excellent verbal and written communication skills and a product focused mindset to build the right solutions and extensive documentation for your stakeholders and customers.

Nice to have:

• Hands-on experience working with vendor IAM solutions such as Okta Workflows , WIC, CIC or equivalent.
• Experience in continuous integration and continuous deployment in a Cloud platform
• Experience with NoSQL technologies such as Hive, Presto, Spark, or Cassandra
• Familiarity with GraphQL technologies

Our compensation structure consists solely of an annual salary; we do not have bonuses. You choose each year how much of your compensation you want in salary versus stock options. To determine your personal top of market compensation, we rely on market indicators and consider your specific job family, background, skills, and experience to determine your compensation in the market range. The range for this role is $100,000 - $720,000. Netflix provides comprehensive benefits including Health Plans, Mental Health support, a 401(k) Retirement Plan with employer match, Stock Option Program, Disability Programs, Health Savings and Flexible Spending Accounts, Family-forming benefits, and Life and Serious Injury Benefits. We also offer paid leave of absence programs. Full-time hourly employees accrue 35 days annually for paid time off to be used for vacation, holidays, and sick paid time off. Full-time salaried employees are immediately entitled to flexible time off. See more detail about our Benefits here . Netflix is a unique culture and environment. Learn more here . We are an equal-opportunity employer and celebrate diversity, recognizing that diversity of thought and background builds stronger teams. We approach diversity and inclusion seriously and thoughtfully. We do not discriminate on the basis of race, religion, color, ancestry, national origin, caste, sex, sexual orientation, gender, gender identity or expression, age, disability, medical condition, pregnancy, genetic makeup, marital status, or military service. Apply for this job