Staff IAM Engineer

Ironclad Inc.

Job Overview

Location

San Francisco

Job Type

Full-time

Full Job Description

📋 Description

• As a Staff IAM Engineer at Ironclad Inc., you will play a critical role in safeguarding the company’s people, systems, and data by owning and advancing identity and corporate security controls in a fast-growing, innovative environment. Your work will directly support Ironclad’s mission to transform contract lifecycle management through secure, scalable operations, ensuring that access is appropriate, devices are trusted, and compliance requirements are met without compromising user experience.
• Day to day, you will support the implementation and operations of the Identity Governance & Administration (IGA) platform to ensure employees receive appropriate role-based access, approvals are properly captured, and access is promptly revoked upon separation; design and enforce RBAC standards for sensitive systems as a core security control; continuously improve identity controls by reducing standing privileges and strengthening authentication policies such as SSO and MFA; lead the secure integration of new SaaS applications into the SSO and MFA ecosystem, providing oversight for business systems implementations; evolve the corporate device trust program to ensure only compliant devices can access corporate and production systems; support endpoint security efforts including policy development, controls, and vulnerability management across macOS and Windows environments; partner with Security Detection & Response to enhance visibility into corporate systems through scripting and integrations; collaborate with Trust & Compliance to automate evidence collection for internal and independent audits such as SOC2; conduct periodic access reviews and audits, investigate and resolve identity- and access-related security incidents; and design, document, and execute plans to identify gaps and continuously improve the access management lifecycle and identity architecture.
• You will join a highly collaborative Identity & Corporate Security Engineering team that works closely with IT & Business Systems, Security Detection & Response, Trust & Compliance, and application owners to align security with business needs. Ironclad fosters a positive, inclusive culture where innovation and ownership are valued, and you’ll contribute to a company consistently recognized as a leader in contract lifecycle management, a Fortune Great Place to Work, and one of Fast Company’s Most Innovative Workplaces.
• In this role, you will deepen your expertise in enterprise identity and access management, gain hands-on experience with modern IAM platforms and cloud infrastructure, and have the opportunity to influence security strategy at a scaling tech company. You’ll develop leadership capabilities by driving cross-functional initiatives, shaping security best practices, and contributing to audit readiness and compliance programs, all while working on meaningful challenges that protect the integrity of Ironclad’s platform and people.

🎯 Requirements

• 4+ years of experience in security-focused software engineering, corporate engineering, IT, and/or program management
• Strong understanding of IAM protocols and standards, including SAML 2.0, OIDC, SCIM, LDAP, OAuth, and familiarity with X.509
• Experience with IdP and identity tooling (e.g., Okta, Active Directory, Google Workspace), including defining and enforcing Role-Based Access Control (RBAC) policies and Least Privilege principles across enterprise applications
• Familiarity with endpoint engineering for macOS and Windows
• SW Eng/Dev engineering and DevOps proficiency: Python and/or Go, Terraform, GAM scripting, Powershell scripting, JSON, Javascript
• Demonstrated experience deploying new IT systems and processes across the organization with high user satisfaction
• Strong analytical and problem-solving skills, attention to detail, and ability to operate independently with a high level of ownership
• Experience with Okta, Salesforce, NetSuite, Workday, GCP, GWP, Microsoft Entra/Azure/Intune, JAMF

🏖️ Benefits

• 100% health coverage for employees (medical, dental, and vision), and 75% coverage for dependents with buy-up plan options available
• Market-leading leave policies, including gender-neutral parental leave and compassionate leave
• Family forming support through Maven for you and your partner
• Paid time off - take the time you need, when you need it
• Monthly stipends for wellbeing, hybrid work, and (if applicable) cell phone use
• Mental health support through Modern Health, including therapy, coaching, and digital tools
• Pre-tax commuter benefits (US Employees)
• 401(k) plan with Fidelity with employer match (US Employees)
• Regular team events to connect, recharge, and have fun
• Opportunity to help build the company you want to work at

Skills & Technologies

Python

JavaScript

Azure

GCP

Terraform

Senior

Hybrid

$170k-190k

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Ironclad Inc.

Visit Website

About Ironclad Inc.

Ironclad provides cloud-based contract lifecycle management software that helps legal, procurement, sales and HR teams create, negotiate, approve, sign, store and analyze contracts. Its no-code workflow builder automates approvals, renewals, and compliance checks while integrating with CRM, e-signature and cloud storage platforms. The platform offers AI-powered clause analysis, obligation tracking and analytics dashboards that surface contract data to drive business decisions. Enterprises use Ironclad to reduce cycle times, ensure regulatory compliance and gain visibility into contract portfolios.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.