Home
Recruiter
Sign In

Security Software Engineer, IAM

Remote from
USA
Salary, yearly, USD
208,000 - 312,000
Department
Cybersecurity
Employment type
Full Time,
Job posted
Apply before
25 Jul 2026
Experience level
Senior
Views / Applies
78 / 23
About company Share

About Vercel

The platform for frontend developers.

Actively Hiring
Verified job posting
This job post has been manually reviewed for authenticity and compliance.

AI Summary

Vercel is seeking a senior Security Software Engineer to own the Identity and Access Management (IAM) strategy across corporate and production environments. This role involves migrating Okta to Terraform, enforcing least-privilege access, and building MDM/MAM tooling. The ideal candidate has 7+ years of experience in IAM or platform security, deep Okta expertise, and a strong background in infrastructure-as-code. This is a high-impact, autonomous role reporting to the Head of Security, based remotely in the US with optional office days in SF or NY.

Role DNA

Job Complexity
Easy Hard
Pace & Pressure
Relaxed Fast-paced
Autonomy Level
Guided Full Ownership
Communication Load
Independent Highly Collaborative
AI Insight The role requires 7+ years of experience, deep technical expertise in Okta and Terraform, and the ability to design IAM strategy at scale, making it a challenging senior position.

Salary Analysis

Median Highly Competitive
USD260,000
US Market
USD150k – 350k
0 USD385k
AI Insight The offered salary range of $208,000 - $312,000 is competitive for a senior IAM role in the San Francisco market, with a median of $260,000. This aligns with the high level of experience and ownership required.

Key Skills

Okta Terraform IAM AWS IAM GCP IAM MDM MAM Infrastructure as Code Access Control Security Engineering

Dear Hiring Team,

I am excited to apply for the Security Software Engineer, IAM position at Vercel. With over 8 years of experience in identity and access management, I have deep expertise in Okta, Terraform, and designing IAM strategies for both corporate and production environments. I am particularly drawn to this role because of the opportunity to own the full IAM roadmap and drive infrastructure-as-code adoption.

In my previous role at [Company], I led a migration of Okta to Terraform, reducing configuration drift by 90% and improving audit readiness. I also implemented least-privilege access controls across AWS and GCP, and deployed MDM solutions for thousands of endpoints. I thrive in fast-paced, autonomous environments and enjoy collaborating with engineering, IT, and security teams to embed best practices early in the design process.

I am inspired by Vercel's mission to shape the next generation of web infrastructure and would love to contribute to building a secure platform for developers and agents. Thank you for considering my application.

Sincerely,
[Your Name]

Can you describe your experience migrating Okta to Terraform and the challenges you faced?
I led a migration of Okta configuration to Terraform, transitioning from manual management to infrastructure-as-code. Key challenges included mapping Okta dependencies, managing state, and ensuring zero downtime during migration. I resolved these by breaking the migration into phases, using Terraform workspaces for environment isolation, and implementing rigorous testing.
How would you design a least-privilege access control strategy for a cloud-native company like Vercel?
I would start by inventorying all resources and identities, then apply the principle of least privilege by creating role-based access controls with just-in-time permissions. For production, I'd use AWS IAM roles with trust policies for workload identity federation, and for corporate, I'd enforce SSO with SCIM provisioning and regular access reviews.
Explain your experience with MDM/MAM solutions and how you would secure mobile access.
I have deployed Jamf for macOS and Intune for Windows and mobile devices. I would implement conditional access policies requiring device compliance, enforce encryption, and use containerization for corporate data. For mobile, I'd deploy MAM to separate work apps and data via app protection policies.
How do you approach collaboration with engineering teams to embed IAM best practices early in development?
I participate in early design reviews, create IAM decision trees and documentation, and provide training on secure authentication patterns. I also develop shared libraries and templates for common patterns like OIDC integration, making it easy for teams to adopt best practices.
Describe a time you had to drive a complex IAM initiative with cross-functional teams. How did you ensure alignment?
At my previous company, I led a project to unify IAM across multiple SaaS tools. I established a steering committee with stakeholders from IT, Engineering, and Compliance, held bi-weekly syncs, and created a shared roadmap. I used demos and proof-of-concepts to build consensus, and we achieved a 50% reduction in access management overhead.

About Vercel:

Vercel is the agentic infrastructure company. We free people and agents to ship what’s next.

For more than a decade, Vercel has shaped how the web is built. As the team behind Next.js, v0, and AI SDK, we create products that help builders move from idea to production with speed, security, and exceptional developer experience.

Now, software is entering a new era, and the next generation of products will not just be used by people. They will be built, extended, and operated by agents.

We are building the platform for that future, trusted by companies like OpenAI, PayPal, Ramp, Supreme, and millions of developers worldwide. Whether you’re building our products, supporting our customers, growing our community, or shaping our story, you’ll help define what comes next.

About the Role:

We’re looking for aSecurity Software Engineer to join our Security team and own Vercel’s Identity and Access Management strategy – across both corporate and production environments. This is a high-impact, ownership-heavy role: you’ll define IAM architecture from the ground up, migrate Okta fully behind Terraform, and serve as the subject matter expert who levels up the entire organization on IAM best practices.

You will report to the Head of Security and be located remotely within the United States. If you’re based within commuting distance of our SF or NY offices, the role includes in-office anchor days on Monday, Tuesday, and Friday.

What You Will Do:

  • Own the full IAM strategy for both corporate and production environments – defining the roadmap, standards, and architecture end to end
  • Migrate Okta and all related IAM configuration to Terraform, driving infrastructure-as-code adoption and leveling up engineering teams in its use
  • Lead Vercel-on-Vercel and Vercel infrastructure cleanup initiatives, ensuring our internal systems reflect the same standards we sell to customers
  • Design and enforce least-privilege access controls across cloud, SaaS, and production infrastructure
  • Partner with platform and engineering teams to embed IAM best practices early in the design process
  • Build and manage MDM/MAM tooling to secure endpoint and mobile device access across the organization
  • Drive automation across provisioning, deprovisioning, and access review workflows
  • Serve as the IAM subject matter expert across Security, IT, and Engineering

About You:

  • 7+ years of experience in identity, access management, or platform security engineering
  • Deep expertise with Okta – including SSO, MFA, lifecycle management, and API-driven automation
  • Proficient in Terraform and committed to managing IAM infrastructure as code
  • Experience designing IAM strategy at scale – across both corporate (IT/SaaS) and production (cloud infrastructure) environments
  • Hands-on experience with AWS or GCP IAM – service accounts, roles, workload identity federation
  • Background in MDM/MAM solutions (Jamf, Intune, or equivalent)
  • Strong collaborator who can drive alignment across Engineering, IT, Compliance, and Security teams
  • Comfortable operating with autonomy and owning decisions in a fast-moving environment

Bonus If You:

  • Experience leading Terraform migrations for IAM or identity infrastructure at scale
  • Background in SCIM, SAML, OIDC, and directory services (e.g., Google Workspace, Azure AD)
  • Contributions to internal developer platforms or security tooling
  • Experience at a developer tools, infrastructure, or SaaS company
  • Certifications such as Okta Certified Professional/Administrator, AWS Security Specialty, or CISSP

Benefits:

  • Competitive compensation package, including equity.
  • Inclusive Healthcare Package.
  • Learn and Grow – we provide mentorship and send you to events that help you build your network and skills.
  • Flexible Time Off.
  • We will provide you the gear you need to do your role, and a WFH budget for you to outfit your space as needed.

The San Francisco, CA base pay range for this role is $208,000 – $312,000. Actual salary will be based on job-related skills, experience, and location. Compensation outside of San Francisco may be adjusted based on employee location. The total compensation package may include benefits, equity-based compensation, and eligibility for a company bonus or variable pay program depending on the role. Your recruiter can share more details during the hiring process. 

Vercel is committed to fostering and empowering an inclusive community within our organization. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, national origin, citizenship, age, marital status, veteran status, disability status, or any other characteristic protected by law. Vercel encourages everyone to apply for our available positions, even if they don’t necessarily check every box on the job description.

Apply now >

This job listing has been manually reviewed by the Jobicy Trust & Safety Team for compliance with our posting guidelines, including verification of the company's legitimacy, accuracy of job details, clarity of remote work policy, and absence of misleading or fraudulent content.

How to apply

Did you apply? Let us know, and we’ll help you track your application.

For safety tips, see our guides, and please let us know if you need any assistance.

Log in to save
You're almost done!

Create a free account with us to save a history of all jobs you've shown interest in.

You can also continue as a guest if you prefer.

Share

See a few more

Similar Cybersecurity remote jobs

More Jobs

Job Search Safety Tips

Here are some tips to help you search and apply for jobs safely:
Watch out for suspicious jobs Don't apply for jobs that offer high pay for little work or offer to hire you without an interview. Read more ›
Check the employer's profile Make sure you're applying for a trustworthy job by visiting the employer's profile and learning more about them. Read more ›
Protect your information Don't share personal details like your bank account or government-issued ID on suspicious websites or messengers. Read more ›
Report jobs that feel unsafe If you see a job that seems misleading, inappropriate or discriminatory, report it for going against our policies and we'll review it.

Share this job

Jobicy+ Subscription

Jobicy

617 professionals pay to access exclusive and experimental features on Jobicy

Free

USD $0/month

For people just getting started

  • • Unlimited applies and searches
  • • Access on web and mobile apps
  • • Weekly job alerts and digest
  • • Access to additional tools like Bookmarks, Applications, and more

Plus

USD $8/month

Everything in Free, and:

  • • Ad-free experience
  • • Daily job alerts and digest
  • • Personal career consultant
  • • AI-powered job advice
Go to account ›