Enterprise Identity & Access Management Engineer II

Careem is looking for an Enterprise Identity & Access Management (IAM) Engineer. As a member of an agile team, you will be responsible for the design, implementation, and maintenance of our current and future enterprise Identity & Access Management services (e.g., Okta, SailPoint, Thycotic, CyberArk etc.) in addition to helping onboard existing and new applications into such systems. You will be expected to drive constant innovation on the ground in a dynamic environment experiencing exciting hyper growth across geographies and verticals. As well as working independently, you will also be responsible for making technical decisions, implementing them and pushing for wider adoption within the rest of the team members and across the wider department.

The individual will work closely with our Infrastructure, IT, Compliance and Legal teams to help build secure and robust enterprise IAM systems. We are a remote-first company and this brings interesting challenges for you to solve in the IAM space. We are passionate about our employees’ experience, and we are looking to reduce friction in every aspect of our colleague Identity and Access Management areas by using modern and pragmatic IAM practices to meet the stringent security requirements we put on ourselves.

Key Responsibilities

• Combine your knowledge and expertise in IAM with the goals of our business to support and maintain a world-class enterprise IAM infrastructure to enable our continued growth;
• Implement, maintain and modernize Careem’s Identity and Access Management systems ensuring they are widely adopted, provide a world-class experience to our colleagues and stay secure and compliant;
• Solve business and colleague experience problems through judicious use of technology;
• Assist in driving the identity architecture and strategic decisions as Careem moves along its growth and maturity curve;
• Communicate and collaborate effectively with stakeholders.

What You’ll Need

• You have an extensive and deep level of hands-on understanding of authentication concepts and implementation details (e.g., SSO, OAuth2, SAML, OpenID Connect);
• At least 5 years of hands-on experience in enterprise/corporate Identity and Access Management systems;
• You have a ‘can do’ attitude and you are more proactive than reactive;
• Excellent communication skills;
• You are passionate about automation and toil reduction;
• Bachelor’s degree in Computer Science, Management Information Systems; Information Systems, or a related field/experience is required.
• Extensive experience with designing and implementing IAM systems using vendors products (Okta, Ping, OneLogin, Azure AD);
• Experience in implementing IAM controls needed by regulations like SOx, GDPR etc.
• Hands-on experience working with cloud IAM systems like AWS Directory and identity and access management systems;
• Demonstrable ability to challenge, steer, and implement the future vision and roadmap for Identity, Authentication and Authorization;
• Skills to design and implement systems to enable seamless and secure access to applications that support our internal colleagues and their operational needs while keeping the systems stable and secure;
• You are passionate about automation and working with tools and languages to support it (e.g., Python, scripting languages, Git, CI/CD pipelines);
• Strong Plus: Demonstrable experience in managing a Privileged Access Management (PAM) system.
• Plus: Experience working in hyper growth e-commerce environment.

Where you’ll be

• This role is part of a remote distributed team! This means you can be based in any of the countries where we currently have an engineering site. If you would like to join us in Dubai, Berlin, Ukraine, Russia, Poland, Pakistan, Egypt, Lebanon or Jordan, that’s fine with us (Visa permitting)!
• Even though we are working remotely, we are strong believers in collaboration and the power of building social connections with our teams. For that reason, our offices are still open and provide plenty of collaboration-friendly spaces at times when teams need it or if you need a quiet space to work outside of home.
• You’ll be working in the location you’re hired from. Due to legal and compensation considerations, you will need to be based out of the country you’re hired from as your primary work location.