Ajaib

Identity & Access Management (IAM) Engineer

TLDR

Architect and operate Ajaib's Identity Anchor, ensuring streamlined identity management and access orchestration for corporate assets while enhancing data governance.

You will serve as the architect and operator of Ajaib’s Identity Anchor. You will be responsible for ensuring every access point is anchored to a single corporate identity, moving away from manual ticketing toward a self-service, automated "ticketing-to-tool" identity orchestration.

Responsibilities

  • Identity Anchoring: Own the Identity Provider (IDP/SSO) lifecycle using JumpCloud, ensuring 100% of corporate assets (GitHub, AWS, etc.) are accessible only via the Corporate IDP, coordinating with related units, including the People team.
  • The "Kill Switch" provisioning: Implement and maintain programmatic offboarding to achieve a Mean Time to Revoke (MTTR) of <5 minutes across all systems, with alerts coming from the Slack channel maintained by the People team.
  • Access Orchestration: Transition from manual tickets to automated approval workflows and self-service access.
  • Onboarding: Ensure naming convention uniformity and lead the migration of all contributors to corporate-managed accounts, implementing automated blocking for non-corporate commits.
  • Permission Management: Define technical roles and permissions (RBAC/ABAC) and maintain the User Access Matrix for all personnel and third-party vendors.
  • Platform Integration: Move toward Identity Orchestration by implementing short-lived, automated credentials and MFA.
  • Least Privilege: Maintain segregation of duties and Least Privilege principles at all times on all systems.
  • Maintain and update the access matrix, ensuring it is current and agreed by relevant parties.
  • Maintain the system / tools list across organizations on a regular basis.
  • Maintain the payment method / period: Ensure no downtime on the app / system caused by failed payment.
  • Keep records of and maintain the access policies for each system, and ensure they are regularly approved by relevant stakeholders.
  • When an employee rotation is identified, ensure access provisioning immediately follows the new business unit / department, with appropriate approval from the stakeholders.
  • Data Governance: Maintain and update the Data Classification across Ajaib group.
  • Data Retention: Ensure data retention is applied and maintained across Ajaib group.
  • Incident Management: Log and maintain documentation of reported and known incidents.
  • Post Incident Review: Log and maintain documentation of reported and known incidents.

Requirements

  • Must Have: 2+ years of experience in IAM/IDM; expertise in JumpCloud and Google Workspace administration.
  • Identity Protocols: Deep understanding of SSO, SAML, OIDC, and SCIM provisioning.
  • Fintech Focus: Experience regulating central access for high-turnover environments and third-party vendors.
  • Technical Literacy: Ability to manage repository permissions and automate IAM.

Benefits

Join us as we make magic happen to increase Indonesia’s financial inclusion!

Ajaib builds a mobile-first fintech platform that makes stock trading accessible for retail investors in Indonesia, particularly targeting millennials. What sets us apart is our commitment to innovation and creating a user-friendly experience that empowers young traders to navigate the financial markets with confidence.
