In this role, you will focus on identity and access management, secure collaboration, endpoint/VDI, and SaaS governance. You will partner closely with IT Engineering, Security, People, and Compliance to make access secure by default, reduce friction in onboarding and offboarding, and improve the overall employee experience.

About the role:

You will translate requirements from Security, Compliance, IT, and business stakeholders into clear product outcomes across platforms such as Okta, Opal, VDI, MDM, Google Workspace, Slack, Zoom, and other SaaS applications. You will help convert the existing Staff IT Systems Engineer responsibilities into scalable, measurable product capabilities that align with the IT Infra and Ops charter.

Own the product vision, strategy, and roadmap for IAM and security-aligned IT infrastructure, including Okta, access governance, endpoint management, and VDI, aligned to IT Infra and Ops priorities.

Act as a primary product partner and escalation point for Engineering and Security on identity, access, and secure remote access, helping prioritize and resolve high-impact issues.

Define and improve end-to-end joiner, mover, and leaver flows, ensuring user provisioning, de-provisioning, and access changes are secure, automated, and reliable.

Establish standards for SSO integrations and app onboarding and offboarding in Okta, working with engineers to onboard new applications, deprecate legacy patterns, and maintain a consistent SSO experience.

Design and roll out access policies, baseline RBAC, and Just-in-Time and time-bound access patterns in partnership with Security, Compliance, and IT Engineering, with clear controls and auditability.

Own the VDI and secure remote access experience as a product surface, partnering with engineering on performance, reliability, and hardening, and defining SLIs, SLOs, and incident playbooks.

Collaborate with Security, People, and IT to define automated onboarding and offboarding processes that cover identity, devices, collaboration tools, and privileged access.

Define requirements for automation, policies, and scripts using vendor APIs to manage company devices and SaaS services such as Google Workspace, Slack, Zoom, and MDM tools.

Partner with IT Infra and Ops and Finance to support asset and SaaS lifecycle management, including inventory visibility, licensing utilization, and access governance for endpoints and applications.

Ensure documentation, runbooks, and training material for IAM, VDI, and related security and IT processes are accurate, accessible, and kept up to date for internal employees and IT staff.

Build strong relationships with IT Engineering, Security, Compliance, People, and business stakeholders, with clear intake, prioritization, and communication around roadmap, tradeoffs, and delivery.

Define and track key metrics such as time-to-access for new hires, reduction in access-related tickets, SSO coverage, QAR completion, and control failures, and use these metrics to drive prioritization.

Who You Are:

7+ years of experience in IT product management, technical program management, or systems engineering roles focused on SaaS, identity, security, or endpoint platforms.

Practical experience with administration or close partnership on platforms such as Okta (Identity Engine and Identity Governance), Google Workspace, Slack, Zoom, MDM or endpoint management tools, and VDI solutions.

Strong understanding of identity and access management concepts and practices, including SSO, federation, RBAC, joiner and leaver lifecycle, privileged access, and quarterly access reviews.

Experience collaborating with or supporting Microsoft, Linux, and Mac user environments, especially for secure access, device management, and productivity tooling.

Demonstrated experience defining and driving automation workflows and integrations that remove manual IT and security tasks, such as access provisioning, group management, and device or SaaS lifecycle actions.

Familiarity with CI or CD tools and Git, and the ability to work closely with engineers on configuration, releases, and environment management.

Comfort working with at least one programming or scripting language, such as Python or Go, at a level sufficient to understand implementation options and tradeoffs.

Experience partnering with Security and Compliance on access controls, ITGCs, and IT application controls for frameworks such as SOX or SOC 2, including control design and evidence collection.

Strong written and verbal communication skills, with the ability to translate technical and security concepts into clear product narratives and decisions for both technical and non-technical audiences.

Preferred:

Experience in high-growth, cloud-native, or security-sensitive environments where identity, access, and endpoint posture are tightly linked to customer and compliance expectations.

Prior ownership of IAM or security products such as Okta, Opal, CyberArk, VDI, or device management platforms as a product manager or TPM.

Familiarity with automation and infrastructure-as-code tooling such as Terraform, Ansible, Chef, Intune, Jamf, or similar technologies.

Experience contributing to or leading M&A-related migrations involving identity consolidation, SSO rationalization, or access model redesign.

Exposure to AI or agent-based IT support models and interest in using them to reduce IT ticket volume and improve time to resolution.

Why CoreWeave?

At CoreWeave, we work hard, have fun, and move fast! We’re in an exciting stage of hyper-growth that you will not want to miss out on. We’re not afraid of a little chaos, and we’re constantly learning. Our team cares deeply about how we build our product and how we work together, which is represented through our core values:

Be Curious at Your Core

Act Like an Owner

Empower Employees

Deliver Best-in-Class Client Experiences

Achieve More Together

We support and encourage an entrepreneurial outlook and independent thinking. We foster an environment that encourages collaboration and provides the opportunity to develop innovative solutions to complex problems. As we get set for takeoff, the growth opportunities within the organization are constantly expanding. You will be surrounded by some of the best talent in the industry, who will want to learn from you, too. Come join us!

The base salary range for this role is $143,000 to $210,000. The starting salary will be determined based on job-related knowledge, skills, experience, and market location. We strive for both market alignment and internal equity when determining compensation. In addition to base salary, our total rewards package includes a discretionary bonus, equity awards, and a comprehensive benefits program (all based on eligibility).

What We Offer

The range we’ve posted represents the typical compensation range for this role. To determine actual compensation, we review the market rate for each candidate which can include a variety of factors. These include qualifications, experience, interview performance, and market conditions.

XML job scraping automation by YubHub

This is a highly visible, high-impact role where identity sits at the center of security. You will define how access is granted, changed, and removed across the organization, enabling business velocity while enforcing least privilege and strong governance.

Key responsibilities include:

Design and scale enterprise identity architecture that minimizes access sprawl and enforces least privilege

Own and improve Joiner, Mover, and Leaver (JML) lifecycle processes across all critical systems

Build and operate identity governance and administration (IGA) capabilities including birthright access models, role-based access control (RBAC), approval workflows and policy enforcement, access reviews and certification processes

Administer and enhance Okta capabilities (SSO, MFA, adaptive policies, lifecycle management, SCIM, integrations)

Build and scale access request workflows in Opal and integrated systems

Integrate new applications into the identity ecosystem (SAML, OIDC, SCIM, role mapping)

Develop automation and infrastructure-as-code to improve reliability and reduce manual effort

Partner with Security to strengthen identity as a core control plane (Zero Trust, authentication, authorization)

Align identity systems with PeopleOps and organizational changes

Monitor and improve identity system health, observability, and performance

Troubleshoot complex authentication, provisioning, and authorization issues

Maintain documentation, runbooks, and architectural standards

Serve as an escalation point for identity-related incidents

Drive continuous improvement in identity architecture, governance, and user experience

Requirements include:

7–10+ years of experience in IT systems engineering, identity engineering, or systems architecture

Deep hands-on experience with Okta in a complex enterprise environment

Strong expertise in identity and access concepts (SSO, MFA, SAML, OAuth, OIDC, SCIM, RBAC, Zero Trust)

Proven experience designing lifecycle automation (JML) and access governance frameworks

Experience with IGA or access request platforms such as Opal

Strong automation and infrastructure-as-code experience (Terraform, APIs, Python/PowerShell/Golang)

Ability to integrate enterprise applications into centralized identity platforms

Strong troubleshooting skills across identity, federation, and provisioning systems

Excellent communication skills with the ability to influence cross-functional stakeholders

Preferred qualifications include familiarity with Active Directory, Entra ID, HRIS systems, and SaaS ecosystems, experience building identity observability and reporting, and relevant certifications (Okta, cloud, or security).

Why CoreWeave?

At CoreWeave, we work hard, have fun, and move fast! We're in an exciting stage of hyper-growth that you will not want to miss out on. We're not afraid of a little chaos, and we're constantly learning. Our team cares deeply about how we build our product and how we work together, which is represented through our core values:

Be Curious at Your Core

Act Like an Owner

Empower Employees

Deliver Best-in-Class Client Experiences

Achieve More Together

Why This Role Matters

Identity is one of the most critical control planes in a modern enterprise. In this role, you will define how secure access is managed across CoreWeave, ensuring identity remains a foundational pillar of security, compliance, and scale.

The base salary range for this role is $188,000 to $275,000. The starting salary will be determined based on job-related knowledge, skills, experience, and market location. We strive for both market alignment and internal equity when determining compensation. In addition to base salary, our total rewards package includes a discretionary bonus, equity awards, and a comprehensive benefits program (all based on eligibility).

What We Offer

The range we've posted represents the typical compensation range for this role. To determine actual compensation, we review the market rate for each candidate which can include a variety of factors. These include qualifications, experience, interview performance, and location.

In addition to a competitive salary, we offer a variety of benefits to support your needs, including medical, dental, and vision insurance, company-paid life insurance, voluntary supplemental life insurance, short and long-term disability insurance, flexible spending account, health savings account, tuition reimbursement, ability to participate in employee stock purchase program (ESPP), mental wellness benefits through Spring Health, family-forming support provided by Carrot, paid parental leave, flexible, full-service childcare support with Kinside, 401(k) with a generous employer match, flexible PTO, catered lunch each day in our office and data center locations, a casual work environment, and a work culture focused on innovative disruption.

XML job scraping automation by YubHub

At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies.

This role is responsible for the technical administration, environment management, and ongoing platform integrity of the Oracle Fusion ERP Cloud environment, operating as a pure technical administrator for Oracle Fusion Applications and the underlying Cloud Infrastructure.

Key Responsibilities

• Environment Management & Maintenance: Own the technical management of all Fusion environments, including executing scheduled environment refreshes, cloning instances, managing environment usage, and ensuring system configuration baselines.

• Cloud Update Execution: Participate in the technical preparation and execution of Oracle’s mandatory quarterly cloud updates, including performing pre-update checks and technical smoke testing post-update.

• Platform Stability & Governance: Own the non-functional requirements for the Oracle Cloud environment, including security architecture, role design governance, and performance benchmarking. Enforce technical configuration control standards.

• Security Administration: Provide security administration and support for the all Oracle Fusion Applications, PaaS and DBaaS platforms, focusing on security key management, monitoring dashboards, and assisting with artifact deployment.

• Risk Management Cloud: Own the Oracle Fusion Risk Management Cloud service as the technical owner and provide support to the Compliance business teams

• Technical Support & Troubleshooting: Provide Level 2/3 technical support for environment-related issues, access problems, and deployment failures. Serve as an escalation point to conduct root cause analysis for platform-level incidents.

Required Qualifications

• 5+ years focusing on the technical administration/support within an Oracle Fusion environment.

• Expert-level knowledge of managing Oracle Fusion Cloud environments, including environment refresh and cloning processes.

• Deep technical familiarity with Oracle Cloud Infrastructure administration and monitoring.

• Strong understanding of security architecture, Oracle Fusion Risk Management Cloud, role design governance, and performance management within a cloud ERP.

Preferred Qualifications

• Experience in an organization transitioning to Oracle Cloud Ecosystem.

• Hands-on experience with various OCI PaaS Toolsets.

• Exposure to the Data Center Infrastructure industry

• Relevant professional product/functional certifications (e.g., Oracle Cloud Infrastructure and Security certifications)

• Skilled in administering DevOps tools like Flexagon FlexDeploy and using Opal IGA tool

What Makes Cloudflare Special?

We’re not just a highly ambitious, large-scale technology company. We’re a highly ambitious, large-scale technology company with a soul. Fundamental to our mission to help build a better Internet is protecting the free and open Internet.

Project Galileo: Since 2014, we've equipped more than 2,400 journalism and civil society organizations in 111 countries with powerful tools to defend themselves against attacks that would otherwise censor their work, technology already used by Cloudflare’s enterprise customers--at no cost.

Athenian Project: In 2017, we created the Athenian Project to ensure that state and local governments have the highest level of protection and reliability for free, so that their constituents have access to election information and voter registration. Since the project, we've provided services to more than 425 local government election websites in 33 states.

1.1.1.1: We released 1.1.1.1 to help fix the foundation of the Internet by building a faster, more secure and privacy-centric public DNS resolver. This is available publicly for everyone to use - it is the first consumer-focused service Cloudflare has ever released.

Here’s the deal - we don’t store client IP addresses never, ever. We will continue to abide by our privacy commitment and ensure that no user data is sold to advertisers or used to target consumers.

Sound like something you’d like to be a part of? We’d love to hear from you!

This position may require access to information protected under U.S. export control laws, including the U.S. Export Administration Regulations. Please note that any offer of employment may be conditioned on your authorization to receive software or technology controlled under these U.S. export laws without sponsorship for an export license.

Cloudflare is proud to be an equal opportunity employer. We are committed to providing equal employment opportunity for all people and place great value in both diversity and inclusiveness. All qualified applicants will be considered for employment without regard to their, or any other person's, perceived or actual race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship, age, physical or mental disability, medical condition, family care status, or any other basis protected by law.

We are an AA/Veterans/Disabled Employer. Cloudflare provides reasonable accommodations to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job. Examples of reasonable accommodations include, but are not limited to, changing the application process, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. If you require a reasonable accommodation to apply for a job, please contact us via e-mail at hr@cloudflare.com or via mail at 101 Townsend St. San Francisco, CA 94107.

XML job scraping automation by YubHub