Gap Inc.

Sr Staff, Infosec Engineer - Selling Channel Security

Gap Inc., West Islip, New York, United States, 11795

About the Role

We are seeking a Senior Staff IAM Engineer with deep expertise in designing identity and access management (IAM) solutions for APIs, customers, and microservices-based cloud environments. In this role, you will be responsible for architecting secure and scalable identity solutions that integrate seamlessly into our e-commerce platform. Your ability to collaborate, negotiate, and drive optimal security solutions with cross-functional teams, including architecture, DevSecOps, and product engineering, will be key to success.

What You'll Do

Design and implement security solutions at scale as a key member of the Product Security organization.
Develop repeatable processes and implement new technologies and tools across the enterprise.
Enhance technical and operational security maturity across all channels.
Adopt an automation-first mindset to improve productivity in operational tasks.
Collaborate with Architects and Engineers to maintain accurate network policy and design documentation.
IAM Architecture & Design: Develop and implement IAM solutions for APIs, customers, and microservices in a cloud-native e-commerce environment.
API Security: Design authentication and authorization mechanisms, including OAuth, OpenID Connect, JWT, and mutual TLS.
DevSecOps Integration: Partner with DevSecOps teams to embed IAM best practices into CI/CD pipelines, automating identity governance and access controls.
Cloud Security & IAM Governance: Define and enforce security policies for identity management across cloud platforms (AWS, Azure, GCP).

Required Qualifications and Skills

Expertise in IAM & API Security: Proven experience designing IAM solutions for CIAM, API security, and microservices authentication. Familiarity with vulnerabilities and attack vectors in various industries.
Cloud-Native IAM: Hands-on experience with AWS IAM, Azure AD, GCP IAM, or third-party providers like Okta, Ping Identity, Auth0.
Deep Protocol Knowledge: Strong understanding of OAuth 2.0, OpenID Connect, SAML, JWT, and federation architectures.
Microservices & DevSecOps: Experience with containerized workloads (Kubernetes, Docker) and securing service-to-service communication.
Programming & Automation: Familiarity with Terraform, CloudFormation, or other IaC tools; scripting skills (Python, Bash) are a plus.
Security Certifications (Preferred): CISSP, CCSP, AWS Security Specialty, Azure Security Engineer, or equivalent.
Strong Communication & Negotiation Skills: Ability to engage with architects, developers, and security teams to align on IAM strategies.