[Hiring] ZTNA & IAM Engineer @GoTo

Role Description

We are seeking a Senior ZTNA Engineer with advanced expertise in Identity and Access Management (IAM), domain expert. The ideal candidate will be responsible for securely designing, developing, and managing ZTNA solutions with a strong focus on IAM integrations, authentication/authorization policies, and role-based access controls at scale. The candidate will ensure robust, automated controls for user and group management, policy assignment, and seamless integration with enterprise identity providers.

Your Day to Day

• Design and implement solutions for provisioning, configuring, and managing ZTNA (Internet Access & Private Access) environments with an IAM-centric approach.
• Integrate and automate ZTNA connections with identity providers (Azure AD, or others) for SSO/SAML, SCIM provisioning, and seamless authentication flows.
• Define and manage role-based access control (RBAC) and least-privilege policies for ZTNA administration using automated guardrails and policy-as-code.
• Have clear vision on ZTNA domain with a strong focus on IAM.
• Collaborate with IT security, IAM, and DevOps teams to align ZTNA models and user management workflows across the organization.
• Monitor and audit user/group access and policy assignments for compliance, automating risk detection, deprovisioning, and reporting wherever possible.
• Lead incident response for IAM-related events in ZTNA and coordinate root cause analysis and remediation.
• Stay current on ZTNA tools’ API capabilities, identity integration enhancements, and IAM policy best practices, proactively evolving automation codebases.
• Mentor team members and drive standardization of IAM best practices within ZTNA and related SaaS tools.
• Develop codified workflows and Infrastructure as Code (IaC) modules (Python, PowerShell, Terraform, etc.) for secure user/group provisioning, lifecycle management, and policy enforcement in ZTNA tools.
• Build and maintain CI/CD pipelines to deploy and test changes in IAM and policy-related configurations.

Qualifications

• Bachelor's or master's degree in computer science, Information Security, or a related discipline.
• 5+ years of hands-on experience in installation, configuration administration, and automation of ZTNA models.
• Proven track record with cloud security platforms like Zscaler, Palo Alto Prisma Access, Cisco Umbrella, Netskope, Cloudflare Zero Trust, or equivalent secure web gateway/Zero Trust solutions.
• Deep familiarity with IAM frameworks and integrations: SSO/SAML, SCIM, RBAC, MFA, federation (e.g., Okta, Azure AD, Ping Identity, Google Identity) and IAM solutions such as Auth0, SailPoint, ADFS or AWS IAM.
• Solid understanding of networking (TCP/IP, DNS, VPNs, proxies), authentication protocols, and compliance requirements in hybrid or cloud environments.
• Demonstrates strong analytical thinking, effective problem resolution, clear communication, and thorough documentation skills.
• Ability to collaborate effectively with cross-disciplinary teams in a large enterprise setting.
• Scripting and automation experience (Python, PowerShell, RESTful APIs), preferably in security contexts.
• Familiarity with CI/CD and DevOps practices for deploying IAM and security configurations as code.
• Experience with Infrastructure as Code and configuration management tools (Terraform, Ansible, etc.).

Requirements

• Preferred Experience & Certifications:
• ZTNA/IAM certifications (e.g., Cloudflare, ZScaler, Palo Alto, Okta Certified, Microsoft Identity).
• Experience integrating ZTNA automation with SIEM, endpoint security, or compliance platforms.
• Prior experience leading IAM automation projects in large or federated enterprise settings.

Benefits

• Comprehensive health benefits.
• Generous paid time off, paid holidays, volunteer time off, and quarterly self-care days and no meeting days.
• Tuition and reading reimbursement programs to support your continuous learning and professional growth.
• Thrive Global Wellness Program, confidential Employee Assistance Program (EAP), as well as One to One Wellness Coaching.
• Employee programs—including Employee Resource Groups (ERGs), GoTo Gives, and our charitable matching program—to amplify your connection and impact.
• GoTo performance bonus program to celebrate your impact and contributions.
• Monthly remote work stipend to support your home office expenses.