Senior Security IAM Engineer

Scopely is looking for a Senior IAM Security Engineer to support our global IT Security team in Europe on a hybrid or remote basis.

This individual will apply their advanced expertise to build and mature our modern IAM program in a way that is relevant to a global, complex, technology-driven organization. In this position, you will work closely with security, platform engineering, and infrastructure teams to design, build, and evolve Scopely’s IAM architecture to meet the needs of a high-scale, multi-cloud, and developer-driven environment.

At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily.

What You Will Do :

• Own and evolve Scopely’s modern IAM architecture to support a dynamic, cloud-native environment across AWS, GCP, and SaaS applications
• Design and implement federated identity management (OIDC, SAML, SCIM) and role-based access control (RBAC) / attribute-based access control (ABAC) across internal and external platforms
• Develop scalable access automation solutions for developer self-service, least-privilege access, and ephemeral credentials
• Build and manage enterprise-wide authentication and authorization strategies leveraging modern identity providers like Okta, AWS IAM Identity Center, and Google Cloud IAM
• Partner with security and engineering teams to implement zero-trust principles and enforce adaptive access controls
• Automate provisioning, deprovisioning, and access audits with Infrastructure-as-Code (Terraform, Pulumi) and identity workflows
• Lead IAM threat modeling, access reviews, and anomaly detection to proactively identify misconfigurations or abuse
• Drive adoption of passwordless authentication, MFA everywhere, and just-in-time access to minimize risk
• Collaborate with compliance and security teams to ensure IAM policies align with regulatory requirements (SOC2, ISO27001, etc.)
• Serve as a subject matter expert on identity security, mentoring other engineers and influencing security strategy
• Collaborate with game teams to align workforce and gaming IAM strategies, ensuring seamless integration, security, and compliance across all identity and access management initiatives

What We’re Looking For :

• Experience working at a startup or high-scale technology company (FANG, unicorn, or fast-growth SaaS)—you understand how identity needs to scale
• Deep expertise in modern IAM principles—federation, fine-grained access controls, identity lifecycles, and zero-trust authentication
• Strong knowledge of cloud IAM models—AWS IAM, Google Cloud IAM, Azure AD, and their best practices for securing large-scale environments
• Proficiency in at least one programming / scripting language (Python, Go, TypeScript, or similar) for automating IAM workflows
• Hands-on experience with OAuth2, OIDC, SAML, SCIM, and integrating identity providers (Okta, Auth0, AWS IAM Identity Center, Google Workspace)
• Ability to build and manage IAM automation pipelines using Infrastructure-as-Code (Terraform, Pulumi) and CI / CD workflows
• Familiarity with Just-in-Time access management (JIT), ephemeral credentials (AWS STS, Google Workload Identity), and session-based security
• Comfortable working with large-scale distributed systems and developer-friendly IAM models—you know how to support an engineering culture without excessive friction.
• A strong threat modeling and security mindset, with the ability to anticipate risks and proactively mitigate IAM-related attack vectors
• Understanding of Identity and Access Governance and how it can apply in a fast-growth, high-scale environment
• Strong ability to effectively communicate complex IAM concepts, risks, and solutions to both technical and non-technical stakeholders, ensuring alignment with business and security objectives

Must Haves :

• Bachelor's degree in Computer Science, Information Security, or equivalent experience.
• 5+ years of hands-on IAM security engineering experience in a cloud-first, high-scale environment
• Experience designing IAM architectures for global organizations with complex access needs.
• A modern approach to IAM—you embrace automation, least privilege, and identity-aware security rather than legacy solutions
• Experience implementing and operating IAM-related security tools such as AWS IAM Access Analyzer, Google Cloud Policy Intelligence, Okta Workflows, and CIEM (Cloud Infrastructure Entitlement Management) platforms
• You have worked in a fast-growth startup or a high-scale tech company and thrived.
• You are comfortable navigating ambiguity and making data-driven security decisions without requiring explicit direction

Bonus Points for :

• Experience with passwordless authentication (WebAuthn, FIDO2).
• Previous work securing B2B or B2C authentication flows
• Contributions to open-source IAM or security tooling
• Building developer-friendly IAM automation tools that streamline security without adding excessive friction