Senior Security IAM Engineer

Scopely is looking for a Senior IAM Security Engineer  to support our global IT Security  team in Europe on a hybrid basis or remote basis.This individual will apply their advanced expertise to build and mature our modern IAM program in a way that is relevant to a global, complex, technology-driven organization. In this position, you will work closely with security, platform engineering, and infrastructure teams to design, build, and evolve Scopely’s IAM architecture to meet the needs of a high-scale, multi-cloud, and developer-driven environment. At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily. What You Will Do:

• Own and evolve Scopely’s modern IAM architecture to support a dynamic, cloud-native environment across AWS, GCP, and SaaS applications
• Design and implement federated identity management (OIDC, SAML, SCIM) and role-based access control (RBAC) / attribute-based access control (ABAC) across internal and external platforms
• Develop scalable access automation solutions for developer self-service, least-privilege access, and ephemeral credentials
• Build and manage enterprise-wide authentication and authorization strategies leveraging modern identity providers like Okta, AWS IAM Identity Center, and Google Cloud IAM
• Partner with security and engineering teams to implement zero-trust principles and enforce adaptive access controls
• Automate provisioning, deprovisioning, and access audits with Infrastructure-as-Code (Terraform, Pulumi) and identity workflows
• Lead IAM threat modeling, access reviews, and anomaly detection to proactively identify misconfigurations or abuse
• Drive adoption of passwordless authentication, MFA everywhere, and just-in-time access to minimize risk
• Collaborate with compliance and security teams to ensure IAM policies align with regulatory requirements (SOC2, ISO27001, etc.)
• Serve as a subject matter expert on identity security, mentoring other engineers and influencing security strategy
• Collaborate with game teams to align workforce and gaming IAM strategies, ensuring seamless integration, security, and compliance across all identity and access management initiatives

What We’re Looking For:

• Experience working at a startup or high-scale technology company (FANG, unicorn, or fast-growth SaaS)—you understand how identity needs to scale
• Deep expertise in modern IAM principles—federation, fine-grained access controls, identity lifecycles, and zero-trust authentication
• Strong knowledge of cloud IAM models—AWS IAM, Google Cloud IAM, Azure AD, and their best practices for securing large-scale environments
• Proficiency in at least one programming/scripting language (Python, Go, TypeScript, or similar) for automating IAM workflows
• Hands-on experience with OAuth2, OIDC, SAML, SCIM, and integrating identity providers (Okta, Auth0, AWS IAM Identity Center, Google Workspace)
• Ability to build and manage IAM automation pipelines using Infrastructure-as-Code (Terraform, Pulumi) and CI/CD workflows
• Familiarity with Just-in-Time access management (JIT), ephemeral credentials (AWS STS, Google Workload Identity), and session-based security
• Comfortable working with large-scale distributed systems and developer-friendly IAM models—you know how to support an engineering culture without excessive friction.
• A strong threat modeling and security mindset, with the ability to anticipate risks and proactively mitigate IAM-related attack vectors
• Understanding of Identity and Access Governance and how it can apply in a fast-growth, high-scale environment
• Strong ability to effectively communicate complex IAM concepts, risks, and solutions to both technical and non-technical stakeholders, ensuring alignment with business and security objectives

Must Haves:

• Bachelor's degree in Computer Science, Information Security, or equivalent experience.
• 5+ years of hands-on IAM security engineering experience in a cloud-first, high-scale environment
• Experience designing IAM architectures for global organizations with complex access needs.
• A modern approach to IAM—you embrace automation, least privilege, and identity-aware security rather than legacy solutions
• Experience implementing and operating IAM-related security tools such as AWS IAM Access Analyzer, Google Cloud Policy Intelligence, Okta Workflows, and CIEM (Cloud Infrastructure Entitlement Management) platforms
• You have worked in a fast-growth startup or a high-scale tech company and thrived.
• You are comfortable navigating ambiguity and making data-driven security decisions without requiring explicit direction

Bonus Points for:

• Experience with passwordless authentication (WebAuthn, FIDO2).
• Previous work securing B2B or B2C authentication flows
• Contributions to open-source IAM or security tooling
• Building developer-friendly IAM automation tools that streamline security without adding excessive friction

At Scopely, we create games for everyone - and want to ensure that the people behind our games reflect that!   We are committed to creating a diverse, supportive work environment where everyone is treated with respect. We are committed to providing equal employment opportunities and welcome individuals from all backgrounds to join us & embrace the adventure!Employment at Scopely is based solely on a person's merit and qualifications. Scopely does not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law. We also consider qualified applicants with arrest or conviction records, consistent with applicable federal, state and local law. This role will have access to sensitive and/or confidential employee or customer personally identifiable information (PII) and/or Company financial information and therefore will be subject to background checks upon receiving a conditional offer of employment.     About usScopely is a global interactive entertainment and mobile-first video game company, home to many top, award-winning experiences such as "MONOPOLY GO!," “Star Trek™ Fleet Command,” “Stumble Guys,” “MARVEL Strike Force,” and “Yahtzee® With Buddies,” among others.Scopely creates, publishes, and live-operates immersive games that empower a directed-by-consumer™ experience across multiple platforms--from mobile, web, PC and beyond. Founded in 2011, Scopely is fueled by a world-class team and a proprietary technology platform Playgami that supports one of the most diversified portfolios in the games industry.Recognized multiple times as one of Fast Company’s “World’s Most Innovative Companies,” Scopely is a multi-billion-dollar business due to its ability to create long-lasting game experiences that players enjoy for years.Scopely has global operations in more than a dozen markets across Asia, EMEA, and North America, and is home to many internal game development teams, referred to as Scopely Studios, with additional game studio partners across four continents.Scopely was acquired by Savvy Games Group in July 2023 for $4.9 billion, and is now an independent subsidiary of Savvy.For more information on Scopely, visit: scopely.com.