Edtech.com's Summary

Handshake is hiring a Senior IAM Automation Engineer to lead the design and implementation of their enterprise identity automation and governance systems. The role involves creating scalable lifecycle workflows, integrating identity platforms using Python and REST APIs, and collaborating across teams to ensure secure and auditable identity operations.

Highlights

Architect and maintain automated onboarding, offboarding, and access-change workflows using Okta, Workday, SCIM, and event-driven systems.
Develop integration layers and automation with Python, Node.js, REST APIs, Webhooks, and Terraform.
Manage Handshake's IAM ecosystem including Okta, Google Workspace, GCP, AWS IAM, and internal systems.
Engineer authentication and authorization protocols such as OIDC, OAuth2, SAML, JWT, and scalable RBAC/ABAC access models.
Implement SOC2-compliant access controls, auditability mechanisms, and automated access certification systems.
Conduct identity incident forensics and develop preventative automation solutions.
Provide cross-functional leadership setting standards and reference architectures for identity automation platforms.
Require 4-7+ years of IAM engineering or identity governance experience with strong skills in Python, Node.js, REST, and infrastructure-as-code tools like Terraform.
Preferred experience with Okta Workflows, SailPoint/IGA, PAM, and certifications such as Okta Architect, Azure Identity Engineer, or CISSP.
Offers benefits including equity, 401(k) match, parental leave, medical coverage, learning stipends, flexible PTO, and team outings.

Senior IAM Automation Engineer Full Description

About Handshake

Handshake is building the career network for the AI economy, backed by the largest and most trusted job network on the internet. As the only three-sided job marketplace connecting 18 million knowledge workers, 1,500 educational institutions, and 1 million employers, Handshake powers career discovery, hiring, and upskilling—from first internships to full-time roles, freelance work to gig work, and beyond.

Founded in 2014, we’ve built the most trusted platform for early talent—owning the college-to-career market and powering nearly every career center. Today we’re building on that foundation to help students and early professionals upskill or reskill for the future.

Now’s a great time to join Handshake.

Here’s why:
Category Leader: Over 92% coverage across US universities & 77% of total US university student population.
Proven Market Demand: Deep employer partnerships across Fortune 500s and the world’s leading AI research labs.
World-Class Team: Leadership from Scale AI, OpenAI, xAI, Notion, Coinbase, and Palantir, just to name a few.
Capitalized & Scaling: $434M raised with a $175M+ run rate.

About the Role

Handshake is seeking a Senior IAM Automation Engineer to own the architecture, design, and implementation of our enterprise identity automation and governance ecosystem. You’ll define the long-term IAM automation strategy, build resilient and scalable lifecycle workflows, and enable secure-by-default identity operations across SaaS, cloud, and internal platforms.
You’ll partner closely with Security, IT Engineering, People Operations, and Product/Platform Engineering to deliver highly automated, auditable, and reliable identity solutions.

In this role, you will:

Architect, build, and own automated onboarding, offboarding, and access-change workflows across Okta, Workday, SCIM, and event-driven systems.
Engineer integration layers between identity platforms and internal applications using Python, REST APIs, Webhooks, and Terraform.
Implement error-handling, reconciliation logic, telemetry, and monitoring to ensure reliability and determinism in identity lifecycle events.
Modernize existing provisioning logic and replace manual processes with scalable automation frameworks.
Develop tooling and pipelines enabling version-controlled, testable, observable IAM automation.
Act as a technical owner for Handshake’s IAM ecosystem, including Okta, Google Workspace, GCP, AWS IAM, and internal access systems.
Engineer and optimize authentication & authorization protocols (OIDC, OAuth2, SAML, JWT), fine-grained access policies, and scalable RBAC/ABAC models.
Build custom automation using Okta Workflows or API-driven orchestration.
Design SOC2-compliant access controls, approvals, attestations, and auditability mechanisms.
Build automated access certification systems with full data lineage.
Conduct identity-related incident forensics and implement preventative automation.
Provide cross-functional leadership, setting standards, best practices, and reference architectures for identity automation.
Serve as service owner for IAM automation platforms with accountability for uptime, consistency, and continuous improvement.

Desired Capabilities

4–7+ years of hands-on IAM engineering, identity automation, or identity governance experience.
Strong scripting/automation skills in Python, Node.js, and REST-based integrations.
Experience with IAM platforms such as Okta, Google Workspace/GCP, Azure AD, or similar.
Deep understanding of identity protocols, token flows, SCIM, and distributed lifecycle orchestration.
Experience with Terraform or other infrastructure-as-code frameworks.
Ability to diagnose complex identity issues across SaaS, cloud, and distributed systems.
Strong understanding of DevOps practices, observability, and secure engineering principles.
Demonstrated ownership mindset across architecture, implementation, monitoring, and iterative improvement.

Extra Credit

Advanced experience with GCP IAM, Google Workspace IAM, AWS IAM, cross-account access patterns, and policy automation.
Experience with Okta Workflows, SailPoint/IGA, or Privileged Access Management (PAM) solutions.
Experience designing scalable authorization models for high-growth or distributed organizations.
Certifications such as Okta Architect, Azure Identity Engineer, CISSP.
Prior experience in SaaS, high-growth, or distributed engineering environments.

Perks

Handshake delivers benefits that help you feel supported—and thrive at work and in life.
The below benefits are for full-time US employees.

🎯 Ownership: Equity in a fast-growing company
💰 Financial Wellness: 401(k) match, competitive compensation, financial coaching
🍼 Family Support: Paid parental leave, fertility benefits, parental coaching
💝 Wellbeing: Medical, dental, and vision, mental health support, wellness stipend
📚 Growth: Learning stipend, ongoing development
💻 Remote & Office: Internet, commuting, and free lunch/gym in our SF office
🏝 Time Off: Flexible PTO, 15 holidays + 2 flex days
🤝 Connection: Team outings & referral bonuses

Explore our mission, values, and comprehensive US benefits at joinhandshake.com/careers.

Original Job Description

About Handshake

About the Role

In this role, you will:

Architect, build, and own automated onboarding, offboarding, and access-change workflows across Okta, Workday, SCIM, and event-driven systems.
Engineer integration layers between identity platforms and internal applications using Python, REST APIs, Webhooks, and Terraform.
Implement error-handling, reconciliation logic, telemetry, and monitoring to ensure reliability and determinism in identity lifecycle events.
Modernize existing provisioning logic and replace manual processes with scalable automation frameworks.
Develop tooling and pipelines enabling version-controlled, testable, observable IAM automation.
Act as a technical owner for Handshake’s IAM ecosystem, including Okta, Google Workspace, GCP, AWS IAM, and internal access systems.
Engineer and optimize authentication & authorization protocols (OIDC, OAuth2, SAML, JWT), fine-grained access policies, and scalable RBAC/ABAC models.
Build custom automation using Okta Workflows or API-driven orchestration.
Design SOC2-compliant access controls, approvals, attestations, and auditability mechanisms.
Build automated access certification systems with full data lineage.
Conduct identity-related incident forensics and implement preventative automation.
Provide cross-functional leadership, setting standards, best practices, and reference architectures for identity automation.
Serve as service owner for IAM automation platforms with accountability for uptime, consistency, and continuous improvement.

Desired Capabilities

4–7+ years of hands-on IAM engineering, identity automation, or identity governance experience.
Strong scripting/automation skills in Python, Node.js, and REST-based integrations.
Experience with IAM platforms such as Okta, Google Workspace/GCP, Azure AD, or similar.
Deep understanding of identity protocols, token flows, SCIM, and distributed lifecycle orchestration.
Experience with Terraform or other infrastructure-as-code frameworks.
Ability to diagnose complex identity issues across SaaS, cloud, and distributed systems.
Strong understanding of DevOps practices, observability, and secure engineering principles.
Demonstrated ownership mindset across architecture, implementation, monitoring, and iterative improvement.

Extra Credit

Advanced experience with GCP IAM, Google Workspace IAM, AWS IAM, cross-account access patterns, and policy automation.
Experience with Okta Workflows, SailPoint/IGA, or Privileged Access Management (PAM) solutions.
Experience designing scalable authorization models for high-growth or distributed organizations.
Certifications such as Okta Architect, Azure Identity Engineer, CISSP.
Prior experience in SaaS, high-growth, or distributed engineering environments.

Perks

Handshake delivers benefits that help you feel supported—and thrive at work and in life.
The below benefits are for full-time US employees.

Explore our mission, values, and comprehensive US benefits at joinhandshake.com/careers.

Let me find your next job.

Thanks - you're signed up.

Senior IAM Automation Engineer

Edtech.com's Summary

Senior IAM Automation Engineer Full Description

Staff Software Engineer, Gen AI

Senior Software Engineer (AI Applications)

Software Engineer I

Senior Engineering Manager - Martech

Senior Platform Engineer