Senior Corporate Engineer

This is a fully remote position, open to applicants in California, +3 more states.

📋 Description

• Take ownership of the architecture, security, and daily operations of our enterprise Okta tenant, which includes the implementation of Okta Identity Governance (OIG), lifecycle management, SCIM provisioning, SSO integrations (SAML/OIDC), MFA, risk-based policies, and device trust.

• Create and maintain Infrastructure-as-Code for identity and access management utilizing Terraform, developing reusable modules, guardrails, and automated workflows that are integrated with HRIS and ITSM systems to ensure least-privilege access and prompt provisioning/deprovisioning.

• Design, manage, and enhance Instacart’s office network infrastructure (firewalls, routing/switching, wireless) across San Francisco, New York City, and Toronto; promote zero-trust segmentation, observability, capacity planning, and vendor/partner management.

• Lead and engage in incident response for identity and network occurrences, facilitating swift mitigation and root-cause analysis, and implementing effective remediation strategies through post-incident evaluations and change management processes.

• Standardize and manage certificate and key lifecycles for SAML/TLS across SaaS applications; reduce manual effort through scripting and comprehensive runbooks that enhance reliability and auditability.

• Collaborate with Security and Compliance teams to fulfill controls and audit requirements (e.g., access reviews, evidence gathering), enhance access risk management, and achieve license savings through automated revocation and right-sizing.

• Guide teammates, improve documentation and operational excellence, and assist in shaping the roadmap by prioritizing high-impact initiatives in a fast-paced environment.

⛳️ Requirements

• 7+ years of experience in corporate IT engineering or a similar field with a specialization in identity and access management (IAM) and enterprise networking.

• 3+ years of practical administration of Okta in a production environment (1,000+ users), encompassing SSO integrations (SAML/OIDC), SCIM provisioning, MFA, and policy development.

• 2+ years of experience implementing identity governance and automation using Okta Workflows, Okta Identity Governance (OIG), or a comparable IGA platform.

• Expertise in Infrastructure-as-Code and automation: Terraform (mandatory) and proficiency in at least one scripting language (Python, Bash, or PowerShell).

• Proven experience in planning and executing certificate rotations and key management for SAML/TLS across various SaaS applications.

• Practical experience in operating and troubleshooting office network infrastructure (switching, routing, wireless, firewalls) and VPN/zero-trust access using technologies such as Cisco/Meraki, Aruba, and Palo Alto.

• A successful history of leading critical incidents and managing structured change processes, including writing runbooks and conducting post-incident evaluations.

• Familiarity with endpoint management and device trust (e.g., Jamf, Kandji, Intune) and integrating device posture into access controls.

• Bachelor’s degree in Computer Science, Engineering, Information Systems, or equivalent practical experience.

🏝️ Benefits

• Highly competitive market compensation

• Equity grant for new hires

• Annual refresh grants