Coupang is hiring a

Staff Security Engineer (Identity and Access Management)

Seattle, United States

We exist to wow our customers. We know we’re doing the right thing when we hear our customers say, “How did we ever live without Coupang?” Born out of an obsession to make shopping, eating, and living easier than ever, we’re collectively disrupting the multi-billion-dollar e-commerce industry from the ground up. We are one of the fastest-growing e-commerce companies that established an unparalleled reputation for being a dominant and reliable force in South Korean commerce.

We are proud to have the best of both worlds — a startup culture with the resources of a large global public company. This fuels us to continue our growth and launch new services at the speed we have been since our inception. We are all entrepreneurial surrounded by opportunities to drive new initiatives and innovations. At our core, we are bold and ambitious people that like to get our hands dirty and make a hands-on impact. At Coupang, you will see yourself, your colleagues, your team, and the company grow every day.

Our mission to build the future of commerce is real. We push the boundaries of what’s possible to solve problems and break traditional tradeoffs. Join Coupang now to create an epic experience in this always-on, high-tech, and hyper-connected world.

Role Overview

Coupang's Access Management Team operates a centralized platform for authentication and authorization. The team is responsible for Single Sign-On (SSO), dynamic authorization based on policies, and providing operational support for user access. The Access Management team ensures that the right users have access to enterprise assets in the appropriate context. We are currently seeking an IAM Solutions Architect with prior experience in designing and delivering solutions across SSO, MFA, and policy-based Dynamic Authorization, as well as a strong foundation of IAM skills across Identity governance, compliance and risk management. The ideal candidate should be enthusiastic about working with new technologies and be ready to accomplish tasks in a fast-paced, innovative, and collaborative startup environment. 

 

Key Responsibilities: 

  • Lead architecture and design for enterprise-wide access management solutions such as SSO, MFA, dynamic authorization, and privileged access management. Produce artifacts for custom solutions implemented. 
  • Share responsibility for managing and maintaining highly resilient authentication platform ensuring 99.999% availability for business-critical applications 
  • Be responsible for setting the strategy and roadmap for Authentication and Authorization Services, architect and solution design, review security findings and implement timely fixes.   
  • As a Technical Lead, you should be able to solve complex problems, use sophisticated analytical thinking to exercise judgment and identify innovative solutions. 
  • Provide L3 support in PST time zone for escalations on user access issues and platform/tool defects across IAM systems.  
  • As the SME for identity and access management tools such as Okta, Azure AD, Active Directory, Saviynt, LDAP provide technical training and educate IAM team peers. 
  • Have strong hands-on experience in building HA/DR, resilience capabilities for authentication services. 
  • Guide enterprise teams to adopt SSO technologies, enable fine-grained access control using dynamic claims-based authorization. Must be able to drive discussions across various engineering teams and other IAM security engineers and operations team to ensure that InfoSec guidelines and standards are adhered to while meeting the requirements for the business. 
  • Collaborate with others in the IAM and Security teams to establish standard operations, new capabilities, as well as provide input on best practices for enabling access and authorization for critical apps and assets. 
  • Author technical documentation, such as system design and engineering artifacts for custom solutions 
  • Support the day-to-day operations of the Access Management team. 
  • Develop and maintain documentation of Standard operational processes. 
  • Stay up to date with the latest security best practices and remain informed about new threats and CVEs. 
  • Participate in 24x7 after business hours on-call rotation for L2/L3 support for critical services. 
  • Develop scripts to automate operation tasks to improve efficiency. 

 

Basic Qualifications: 

  • Have a DevOps mindset, understanding the collaboration and integration required to achieve objectives including Agile and Continuous Delivery methodologies. 
  • Hands on experience with Terraform or similar technology, adopting Infrastructure-as-a-Code best practices for IAM tools 
  • Solid hands-on experience with and deep knowledge of SSO tools such as Okta, Azure AD, Ping or a comparable product 
  • Hands on implementation experience of dynamic authorization frameworks with and deep knowledge of PlainID or similar PBAC tool 
  • Strong technical knowledge of authentication/authorization, identity management standards and protocols such as LDAP, SAML, OpenID Connect, OAuth2 
  • Have working knowledge of the MFA/FIDO security products providing advanced biometrics authentication solutions. 
  • Experience with various LDAP products including AD, Radiant Logic FID, or a comparable product 
  • Experience working with RBAC, just-in-time access, and related authorization strategies. 
  • Knowledge of web services (REST/SOAP) 
  • Deep understanding of Windows, Unix, Database & Directory services 
  • Experience with AWS DevOps and hands on knowledge of EKS, Automation/Orchestration Tools (Ansible, Jenkins, Terraform, etc. 
  • Experience with Cloud technologies (Google Cloud Platform, Azure or AWS) 
  • Prior coding and/or scripting experience using Java, Javascript or Python. 

 

Preferred Qualifications: 

  • Okta Certified Professional or Okta Certified Administrator or Okta Certified Consultant certification 
  • Hands-on experience with and deep technical knowledge of OPA , AVP, Rego, Google Zanzibar and other authorization frameworks 
  • Experience with Privileged Access Management tools such CyberArk, Netwrix or a comparable product 

 

Pay & Benefits

Our compensation reflects the cost of labor across several US geographic markets. At Coupang, your base pay is one part of your total compensation.

The base pay for this position ranges from 138,000/year in our lowest geographic market to $297,000/year in our highest geographic market. Pay is based on several factors including market location and may vary depending on job-related knowledge, skills, and experience.

General Description of All Benefits

  • Medical/Dental/Vision/Life, AD&D insurance
  • Flexible Spending Accounts (FSA) & Health Savings Account (HSA)
  • Long-term/Short-term Disability
  • Employee Assistance Program (EAP) program
  • 401K Plan with Company Match
  • 18-21 days of the Paid Time Off (PTO) a year based on the tenure
  • 12 Public Holidays
  • Paid Parental leave
  • Pre-tax commuter benefits
  • MTV - [Free] Electric Car Charging Station

General Description of Other Compensation

“Other Compensation” includes, but is not limited to, bonuses, equity, or other forms of compensation that would be offered to the hired applicant in addition to their established salary range or wage scale.

Coupang is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to actual or perceived race (including traits historically associated with race, including but not limited to hair texture and protective hair styles), color, religion, religious creed (including religious dress and grooming practices), sex or gender (including pregnancy, childbirth, breastfeeding, and medical conditions related to pregnancy, childbirth or breastfeeding), gender identity, gender expression, sexual orientation, ,ancestry, national origin (including language use restrictions), age (40 and over), physical or mental disability, medical condition, genetic information, HIV/AIDS or Hepatitis C status, family status (including but not limited to marital or domestic partnership status), military or veteran status, use of a trained dog guide or service animal, political activities or affiliations, ancestry, citizenship, family and medical leave status, status as a victim of any violent crime, or any other characteristic or class protected by the laws or regulations in the locations where we operate. Coupang is also committed to providing a safe work environment for its employees and its consumers. 

If you need assistance and/or a reasonable accommodation in the application of recruiting process due to a disability, please contact us at [email protected]

Requisition ID: R0047494

Apply for this job

Please mention you found this job on AI Jobs. It helps us get more startups to hire on our site. Thanks and good luck!

Get hired quicker

Be the first to apply. Receive an email whenever similar jobs are posted.

Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

Staff Security Engineer Q&A's
Report this job
Apply for this job