Roku is seeking a senior-level Identity Engineer to enhance its Zero-Trust architecture, drive standardization initiatives, and optimize its Microsoft-centric identity platform for a geographically distributed workforce.
Requirements
- 8+ years of hands-on experience with identity and access management and automating cloud technologies, particularly within the Microsoft ecosystem.
- Strong analytical skills and attention to detail, with the ability to troubleshoot complex infrastructure and identity-related issues.
- Excellent communication skills, with the ability to clearly explain technical concepts to both technical and non-technical stakeholders.
- Deep experience with Microsoft Entra ID, including Conditional Access, Identity Governance, and Privileged Identity Management.
- Familiarity with Microsoft 365 services: Exchange Online, Defender, Purview, Sentinel, Intune, and related platforms.
- Automation and scripting skills using PowerShell, Azure CLI, and Microsoft Graph API; working knowledge of Azure services such as Function Apps and Logic Apps.
- Experience in onboarding and managing enterprise applications in Azure Entra ID.
- Advanced knowledge of Azure Single Sign-On (SSO) login methods, including OAuth2, OpenID Connect, and SAML, and their integration with enterprise applications.
- Knowledge of privileged access tools (Azure PIM, CyberArk, etc), secrets management (HashiCorp or Azure Key Vault), and workload identity patterns SPIFEE & SPIRE.
- Familiarity with NHI governance concepts for service accounts and AI agents, and exposure to OPA / Rego or similar policy-as-code frameworks.
- Good to have familiarity with Microsoft Purview for DLP and data classification.
- Strong understanding of multi-factor authentication and FIDO2.
- Familiarity with IT security frameworks and compliance standards.
- Knowledge of logging, monitoring, and alerting practices for identity and access events.
- Basic understanding of email security and DNS.
- Experience with backup and recovery strategies for identity-related services.
- Understanding of Zero Trust Architecture principles.
- Familiarity with Jira and Confluence.
- B.S. in Computer Science, Information Technology, Engineering, or equivalent experience.
Benefits
- Health insurance
- Equity awards
- Life insurance
- Disability benefits
- Parental leave
- Wellness benefits
- Paid time off
