Surfshark logo

Senior Identity and Access Management Engineer

Surfshark
Full-time
On-site
Kaunas, Lithuania
The relentless fight against cybercrime is our daily mission. Our Security team is on the frontlines, building a robust defense system with solid security tools and vigilant monitoring. We don’t just react — we proactively engineer a layered security posture with strong processes and training programs to make passive defenses our first line of attack.
Each day, we leverage a powerful arsenal of industry-trusted security solutions, including, but not limited to, EDR/XDR, MDM, HIDS, NIDS, DLP, or SOAR solutions. We collect threat intelligence information and absorb it in our systems to strengthen our company’s security posture and prevent cybersecurity incidents.

If you want to:

    • Design, develop, implement, and manage identity and access management (IAM) solutions;
    • Automate routine tasks to achieve scalable and efficient IAM practices;
    • Implement and manage controls to enforce policy (SSO systems, MFA);
    • Be responsible for user provisioning and lifecycle management;
    • Safeguard our systems, applications, and data by ensuring secure user access, authentication, and authorization mechanisms.

And you can check off:

    • Extensive experience with IAM solutions;
    • Strong understanding of authentication protocols such as SAML, OAuth, OpenID Connect, LDAP, SCIM and Directory services;
    • Experience with cloud-based IAM solutions and securing cloud environments;
    • Deep understanding of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC);
    • Experience with API security and integration of various IAM solutions with enterprise applications;
    • Skills with CI/CD tools and integrating IAM solutions into automated deployment pipelines;

Bonus points if you:

    • Have expertise in Identity Federation and implementing federated identity solutions;
    • Can conduct IAM risk assessments and apply effective security measures;
    • Are experienced in implementing Zero Trust security models;
    • Have hands-on experience with IAM governance tools;
    • Are familiar with MDM solutions and securing mobile access;
    • Understand network security principles as they relate to IAM;
    • Are knowledgeable about industry standards and regulatory requirements like GDPR, ISO 27001, NISTCSF, and CIS Controls;
    • Hold certifications such as CCIE Sec, CCIE Ent, CIMP, FCSSSASE, MS-100, CIAM, or CIDPRO.

Here’s the deal:

    • Growth and learning opportunities: time dedicated to learning, conferences, online learning platforms, and books for your professional development;
    • Health and wellness: we want you to feel and be your best. That's why we offer various benefits, from online workouts, a physical coach and a gym to regular mental health checks;
    • Tools of your choice: choose technical equipment and the tools you need to do your best;
    • Community and celebrations: get ready for long-lasting traditions such as yearly workation, Friday get-togethers, various team buildings and company celebrations;
    • Convenient commuting: traveling from point A to point B can be a pain. That’s why, depending on your unique circumstances, we compensate part of your public transport costs;
    • Work-life balance: as a general rule, we work based on a 3+2 hybrid model. And let’s not forget the WFA policy – an opportunity to work from anywhere in the world;
    • Premium Surfshark accounts: for you, your family, and friends;
    • Gross salary: 3000 - 6000 Eur/month for the Lithuanian market, 17200-33000 Pln/month for the Polish market. It may vary depending on your skills and experience.