Senior Identity Access Management Engineer

Teamwork makes the stream work. Roku is changing how the world watches TV Roku is the #1 TV streaming platform in the U.S., Canada, and Mexico, and we've set our sights on powering every television in the world. Roku pioneered streaming to the TV. Our mission is to be the TV streaming platform that connects the entire TV ecosystem. We connect consumers to the content they love, enable content publishers to build and monetize large audiences, and provide advertisers unique capabilities to engage consumers. From your first day at Roku, you'll make a valuable - and valued - contribution. We're a fast-growing public company where no one is a bystander. We offer you the opportunity to delight millions of TV streamers around the world while gaining meaningful experience across a variety of disciplines. About role Roku is seeking a senior-level Identity Engineer to enhance its Zero-Trust architecture, drive standardization initiatives, and optimize its Microsoft-centric identity platform for a geographically distributed workforce. The ideal candidate has hands-on experience in identity and access management (IAM) and securing cloud environments within the Microsoft ecosystem, with deep expertise in Azure Entra ID. Equally important is a strong automation mindset—designing, scripting, and building repeatable workflows. The role also requires the ability to communicate complex technical concepts clearly to both technical and non-technical audiences. For New York Only - The estimated annual salary for this position is between $158,000 - $279,000 annually. Compensation packages are based on factors unique to each candidate, including but not limited to skill set, certifications, and specific geographical location. This role is eligible for health insurance, equity awards, life insurance, disability benefits, parental leave, wellness benefits, and paid time off. What you'll be doing • Lead enterprise-wide IAM standardization, including identity lifecycle, access governance, and policy enforcement across global regions. • Drive automation across IAM to streamline administration and deliver a smoother user experience. • Support enterprise applications onboarding into Azure Entra ID, including SSO, Conditional Access, and role-based access control (RBAC). • Enhance privileged access management and implement scalable monitoring, alerting, and auditability solutions to support a secure, geographically distributed workforce. • Collaborate with IT, Networking, and Security teams to troubleshoot identity-related issues and support global infrastructure initiatives. • Advance Zero Trust Identity Fabric principles like continuous verification, least-privilege access, and identity-aware policy enforcement across users, devices, workloads, and non-human identities. • Build identity automation with a DevOps mindset, writing scripts, developing pipelines, and engineering tooling from scratch rather than just configuring them. We're excited if you have • 8+ years of hands-on experience with identity and access management and automating cloud technologies, particularly within the Microsoft ecosystem. • Strong analytical skills and attention to detail, with the ability to troubleshoot complex infrastructure and identity-related issues. • Excellent communication skills, with the ability to clearly explain technical concepts to both technical and non-technical stakeholders. • Deep experience with Microsoft Entra ID, including Conditional Access, Identity Governance, and Privileged Identity Management.

Get roles like this the moment they post.