Job description

Position: Staff Security Engineer (Identity and Access Management) We exist to wow our customers. We know we're doing the right thing when we hear our customers say, "How did we ever live without Coupang?" Born out of an obsession to make shopping, eating, and living easier than ever, we're collectively disrupting the multi-billion-dollar e-commerce industry from the ground up. We are one of the fastest-growing e-commerce companies that established an unparalleled reputation for being a dominant and reliable force in South Korean commerce. We are proud to have the best of both worlds - a startup culture with the resources of a large global public company. This fuels us to continue our growth and launch new services at the speed we have been since our inception. We are all entrepreneurial surrounded by opportunities to drive new initiatives and innovations. At our core, we are bold and ambitious people that like to get our hands dirty and make a hands-on impact. At Coupang, you will see yourself, your colleagues, your team, and the company grow every day. Our mission to build the future of commerce is real. We push the boundaries of what's possible to solve problems and break traditional tradeoffs. Join Coupang now to create an epic experience in this always-on, high-tech, and hyper-connected world. Role Overview Coupang's Access Management Team operates a centralized platform for authentication and authorization. The team is responsible for Single Sign-On (SSO), dynamic authorization based on policies, and providing operational support for user access. The Access Management team ensures that the right users have access to enterprise assets in the appropriate context. We are currently seeking an IAM Solutions Architect with prior experience in designing and delivering solutions across SSO, MFA, and policy-based Dynamic Authorization, as well as a strong foundation of IAM skills across Identity governance, compliance and risk management. The ideal candidate should be enthusiastic about working with new technologies and be ready to accomplish tasks in a fast-paced, innovative, and collaborative startup environment. What You Will DoLead architecture and design for enterprise-wide access management solutions such as SSO, MFA, dynamic authorization, and privileged access management. Produce artifacts for custom solutions implemented. Share responsibility for managing and maintaining highly resilient authentication platform ensuring 99.999% availability for business-critical applications Be responsible for setting the strategy and roadmap for Authentication and Authorization Services, architect and solution design, review security findings and implement timely fixes. Have strong hands-on experience in building HA/DR, resilience capabilities for authentication services. As the SME for access management tools, provide technical training and educate IAM team peers. As a Technical Lead, you should be able to solve complex problems, use sophisticated analytical thinking to exercise judgment and identify innovative solutions. Provide L3 support for escalations on user access issues and platform/tool defects. Guide enterprise teams to adopt SSO technologies, enable fine-grained access control using dynamic claims-based authorization. Must be able to drive discussions across various engineering teams and other IAM security engineers and operations team to ensure that Info Sec guidelines and standards are adhered to while meeting the requirements for the business. Collaborate with others in the IAM and Security teams to establish standard operations, new capabilities, as well as provide input on best practices for enabling access and authorization for critical apps and assets. Author technical documentation, such as system design and engineering artifacts for custom solutions Support the day-to-day operations of the Access Management team. Develop and maintain documentation of Standard operational processes. Stay up to date with the latest security best practices and remain informed about new threats and CVEs. Participate in 24x7 after business hours on-call rotation for L2/L3 support for critical services. Develop scripts to automate operation tasks to improve efficiency. Basic Qualifications Have a Dev Ops mindset, understanding the collaboration and integration required to achieve objectives including Agile and Continuous Delivery methodologies. Hands on experience with Terraform or similar technology, adopting Infrastructure-as-a-Code best practices for IAM tools Solid hands-on experience with and deep knowledge of SSO tools such as Okta, Azure AD, Ping or a comparable product Hands on implementation experience of dynamic authorization frameworks with and deep knowledge of Plain ID or similar PBAC tool Strong technical knowledge of authentication/authorization, identity management standards and protocols such as LDAP, SAML, OpenID Connect, OAuth2 Have working knowledge of the MFA/FIDO security products providing advanced biometrics authentication solutions. Experience with various LDAP…

Requirements