×
Register Here to Apply for Jobs or Post Jobs. X

Senior Identity Access Management Engineer

Job in San Jose, Santa Clara County, California, 95199, USA
Listing for: Roku, Inc.
Full Time position
Listed on 2026-07-16
Job specializations:
  • IT/Tech
    Cybersecurity, Azure, Cloud Computing: Infrastructure & Operations
Salary/Wage Range or Industry Benchmark: 158000 - 279000 USD Yearly USD 158000.00 279000.00 YEAR
Job Description & How to Apply Below

About role

Roku is seeking a senior-level Identity Engineer to enhance its Zero-Trust architecture, drive standardization initiatives, and optimize its Microsoft-centric identity platform for a geographically distributed workforce. The ideal candidate has hands‑on experience in identity and access management (IAM) and securing cloud environments within the Microsoft ecosystem, with deep expertise in Azure Entra  important is a strong automation mindset—designing, scripting, and building repeatable workflows.

The role also requires the ability to communicate complex technical concepts clearly to both technical and non‑technical audiences.

For California Only – The estimated annual salary for this position is between $158,000 and $279,000 annually. Compensation packages are based on factors unique to each candidate, including but not limited to skill set, certifications, and specific geographical location. This role is eligible for health insurance, equity awards, life insurance, disability benefits, parental leave, wellness benefits, and paid time off.

What you'll be doing
  • Lead enterprise‑wide IAM standardization, including identity lifecycle, access governance, and policy enforcement across global regions.
  • Drive automation across IAM to streamline administration and deliver a smoother user experience.
  • Support enterprise applications onboarding into Azure Entra , including SSO, Conditional Access, and role‑based access control (RBAC).
  • Enhance privileged access management and implement scalable monitoring, alerting, and auditability solutions to support a secure, geographically distributed workforce.
  • Collaborate with IT, Networking, and Security teams to troubleshoot identity‑related issues and support global infrastructure initiatives.
  • Advance Zero Trust Identity Fabric principles like continuous verification, least‑privilege access, and identity‑aware policy enforcement across users, devices, workloads, and non‑human identities.
  • Build identity automation with a Dev Ops mindset, writing scripts, developing pipelines, and engineering tooling from scratch rather than just configuring them.
We're excited if you have
  • 8+ years of hands‑on experience with identity and access management and automating cloud technologies, particularly within the Microsoft ecosystem.
  • Strong analytical skills and attention to detail, with the ability to troubleshoot complex infrastructure and identity‑related issues.
  • Excellent communication skills, with the ability to clearly explain technical concepts to both technical and non‑technical stakeholders.
  • Deep experience with Microsoft Entra , including Conditional Access, Identity Governance, and Privileged Identity Management.
  • Familiarity with Microsoft 365 services:
    Exchange Online, Defender, Purview, Sentinel, Intune, and related platforms.
  • Automation and scripting skills using Power Shell, Azure CLI, and Microsoft Graph API; working knowledge of Azure services such as Function Apps and Logic Apps.
  • Experience in onboarding and managing enterprise applications in Azure Entra .
  • Advanced knowledge of Azure Single Sign‑On (SSO) login methods, including OAuth2, OpenID Connect, and SAML, and their integration with enterprise applications.
  • Knowledge of privileged access tools (Azure PIM, Cyber Ark, etc.), secrets management (Hashi Corp or Azure Key Vault), and workload identity patterns SPIFEE & SPIRE.
  • Familiarity with NHI governance concepts for service accounts and AI agents, and exposure to OPA / Rego or similar policy‑as‑code frameworks.
  • Good to have familiarity with Microsoft Purview for DLP and data classification.
  • Strong understanding of multi‑factor authentication and FIDO
    2.
  • Familiarity with IT security frameworks and compliance standards.
  • Knowledge of logging, monitoring, and alerting practices for identity and access events.
  • Basic understanding of email security and DNS.
  • Experience with backup and recovery strategies for identity‑related services.
  • Understanding of Zero Trust Architecture principles.
  • Familiarity with Jira and Confluence.
  • B.S. in Computer Science, Information Technology, Engineering, or equivalent experience.
What’s Roku’s approach to hybrid working?

Roku fosters an inclusive and…

Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary