Roku is the #1 TV streaming platform in the US and Mexico, and we've set our sights on powering every television in the world. Roku pioneered streaming to the TV. Our mission is to be the TV streaming platform that connects the entire TV ecosystem. We connect consumers to the content they love, enable content publishers to build and monetize large audiences, and provide advertisers unique capabilities to engage consumers.
From your first day at Roku, you'll make a valuable - and valued - contribution. We're a fast-growing public company where no one is a bystander. We offer you the opportunity to delight millions of TV streamers around the world while gaining meaningful experience across a variety of disciplines.
About the Team
The Identity Access Management (IAM) team is at the heart of our global security efforts, ensuring that the right people have the right access to the right resources at the right time. Our team operates across North America, EMEA, and is expanding into APAC, reflecting our global presence and the critical nature of our work. We are a dedicated group of engineers who work together to design and implement robust IAM solutions that protect our organization's most valuable assets. Our work involves close collaboration with various departments to ensure that identity management and access control are seamlessly integrated into all aspects of our business. We value innovation, teamwork, and a proactive approach to security. If you're driven by the challenge of securing identities in a global environment and want to be part of a team that impacts every corner of our organization, we welcome you to join us.
About the Role
Roku is seeking a senior-level IAM Engineer to help enhance their Zero Trust Architecture, work on standardization efforts, and support a multi-cloud and geo-distributed workforce. The ideal candidate should have hands-on experience in securing cloud technologies, IAM, and Azure, as well as knowledge of IT security practices and regulatory compliance. They should also possess strong analytical skills and the ability to communicate technical concepts effectively.
What you’ll be doing
- Assess, design, implement and troubleshoot Roku’s Zero Trust Architecture
- Work on enterprise-wide standardization efforts around IAM across all global regions, monitoring and alerting, and plotting growth in support of our Zero Trust Architecture philosophy based on NIST SP 800-207
- Evolve and scale privileged access management, auditability and monitoring to support our evolution to a multi-cloud and geo-distributed workforce.
- Be an advocate for fusing security into DevOps processes working with our various DevOps teams on application security.
- Assist the wider IT team which includes Networking and Security within your local region and globally.
- Manage the onboarding of enterprise apps into Azure.
- Collaborate with teams to identify opportunities for automation and implement automated solutions where applicable
We’re excited if you have
- Strong analytical skills and attention to detail to effectively troubleshoot complex infrastructure issues.
- Ability to communicate technical concepts to both technical and non-technical stakeholders through clear verbal and written communication skills.
- 5+ years of hands-on experience securing cloud technologies, identity & access management supported by Microsoft.
- Possess advanced knowledge of Azure Single Sign-On (SSO) login methods, specifically OAuth2, OpenID Connect, and SAML, and demonstrate expertise in their integration with various applications.
- Microsoft 365 and supporting infrastructure – Entra ID, Endpoint Management, Exchange Online, Identity Governance
- Endpoint and Configuration Management knowledge – Intune, JAMF, Defender
- Azure Cloud and AWS experience required. GCP experience is a bonus.
- Experience with migrating legacy LDAP applications to Azure SSO
- Solid understanding of Microsoft's Conditional Access policies
- Automation & programming skills with Azure bash, PowerShell and MSFT Graph, other languages are a plus
- Azure knowledge including: Conditional Access, Function apps, logic apps, Entra ID Domain Services, PIM, automation accounts, Resources (Storage, DBs, VM, networking, resource groups)
- MFA, FIDO, Passwordless auth, Passkey
- Azure OpenAI experience is a plus
- Proven understanding of Zero Trust Architecture
- Strong experience and in-depth understanding of SaaS
- Knowledge of IT security practices and regulatory compliance, including NIST, GDPR, SOC 2, PCI DSS, and HIPAA
- Logging (SIEM), Monitoring, Alerting and Response in relation to triggered security events (Identity, Device or Service based)
- Backup/recovery understanding and business continuity
- DevOps skills a bonus: IaC (Infrastructure as code) using tools such as Terraform, Azure tools (Blueprint, Bicep, ARM), AWS CloudFormation, etc.
- DNS expertise
- Understanding of email security.
- Practical Linux and Networking skills a plus
- Familiarity with Jira and Confluence
- Microsoft Azure, AWS, GCP, or CISSP (or similar) certifications or others are a plus
- B.S. Degree in Computer Science, Information Technology, Engineering discipline or equivalent experience.
#LI-GL1
Roku is committed to offering a diverse range of benefits as part of our compensation package to support our employees and their families. Our comprehensive benefits include global access to mental health and financial wellness support and resources. Local benefits include statutory and voluntary benefits which may include healthcare (medical, dental, and vision), life, accident, disability, commuter, and retirement options (401(k)/pension). Our employees can take time off work for vacation and other personal reasons to balance their evolving work and life needs. It's important to note that not every benefit is available in all locations or for every role. For details specific to your location, please consult with your recruiter.
The Roku Culture
Roku is a great place for people who want to work in a fast-paced environment where everyone is focused on the company's success rather than their own. We try to surround ourselves with people who are great at their jobs, who are easy to work with, and who keep their egos in check. We appreciate a sense of humor. We believe a fewer number of very talented folks can do more for less cost than a larger number of less talented teams. We're independent thinkers with big ideas who act boldly, move fast and accomplish extraordinary things through collaboration and trust. In short, at Roku you'll be part of a company that's changing how the world watches TV.
We have a unique culture that we are proud of. We think of ourselves primarily as problem-solvers, which itself is a two-part idea. We come up with the solution, but the solution isn't real until it is built and delivered to the customer. That penchant for action gives us a pragmatic approach to innovation, one that has served us well since 2002.
To learn more about Roku, our global footprint, and how we've grown, visit https://www.weareroku.com/factsheet.
By providing your information, you acknowledge that you have read our Applicant Privacy Notice and authorize Roku to process your data subject to those terms.
