Sr. Staff Software Engineer (IAM Engineering) (Remote - US)

Be part of a team that values safety, inclusion, and excellence

We are one of the largest U.S. railroads transporting the nation’s freight across 28 western states and 3 Canadian provinces. As a member of our team, you will play a role in supporting the movement of essential products and materials that help feed, clothe, supply, and power communities throughout America and the world.  

We are committed to a culture where all employees are included, belong, and have equal opportunity to achieve their full potential. Come make a difference with us!

Learn more about BNSF and our Benefits

Job Location: REMOTE
Other Potential Locations: Remote US 
Anticipated Start Date: 06/16/2025
Number of Positions: 2 
Salary Range: $243,750-$406,250

Apply early as this job may be removed or filled prior to the closing date, which is approximately seven (7) days after the posting date.

The US base salary range for this full-time position is $243,750 - $406,250 plus bonus eligibility and other elements of our total rewards package.  The range represents the amount bnsf | tech reasonably expects to pay for the position based on the level, scope, and responsibilities of the role.  Individual compensation and level of position offered is determined by the hiring location and additional factors including but not limited to job-related skills, experience, and relevant education or training. In addition to base pay, BNSF offers a comprehensive benefits package.

We are committed to a culture where all employees are included, belong, and have equal opportunity to achieve their full potential. Come make a difference with us!  

The bnsf | tech department drives innovation and efficiency by developing and maintaining advanced technological solutions across the network. This team ensures a robust IT infrastructure, supports critical applications, and enhances cybersecurity measures. Their expertise is essential in optimizing operations and enabling BNSF to deliver reliable, cutting-edge transportation services.  

This is a full-time position. Our leaders also foster a culture where work life balance, which requires flexibility for when life happens, is important and respected.  

As an Identity and Access Management Engineer, you will

• Lead the design, implementation and maintenance of the IAM systems to ensure secure and efficient access.
• Manage user identities, including provisioning, deprovisioning, and lifecycle management. 
• Implement automation in the access management and identity systems.
• Enforce access controls and implement security policies to protect sensitive data and resources.
• Provide technical leadership and mentorship to junior engineers.
• Ensure compliance with regulatory requirements and industry standards.
• Perform audits and monitor IAM systems to identify and address potential security vulnerabilities.
• Provide ongoing support for IAM systems and resolving issues related to user access vulnerabilities.
• Stay up to date with emerging technologies and industry trends and apply them to operations and activities.

Basic Qualifications

• I am CURRENTLY authorized to work in the US. 
• Bachelor’s degree in Computer Science, Engineering, or equivalent education or work experience.  
• At least 12+ years of experience in identity and access management engineering, with demonstrated success delivering enterprise-scale solutions. 

• Exposure to and Mastery in multiple IAM systems such as Automated Provisioning, Directory Services, Application On-Boarding, Password Management, Re-certifications, Access Requests, Access Review, Delegation, Dynamic Organizations, Role based Security & Access Control, Customer Identity Management.
• Fluency in more than one technology stack and expertise in several of the following: C, C++, Java, J2EE, JSP, Servlet, EJB, Application (Client/Server), RMI, WAS, Web Services, WS-Security, HTML, XML, XSLT, SOAP, MQ Series, LDAP / Active Directory.  
• Familiarity with cloud services.   
• Experience building the architecture and design (architecture, design patterns, reliability, and scaling) of new and current systems.
• Experience with continuous delivery and infrastructure as code.
• Experience with monitoring tools and forensic investigations on access.
• Strong problem-solving ability.
• Knowledge of integrating IAM systems with developer tooling across the software development life cycle.
• Experience working in DevOps environment, automation first mindset, ability to leverage coding/scripting skills and working experience with APIs. Should have ability to build test scripts for performing regression testing.

Preferred Qualifications

• If offered a position by BNSF, I will NOT IN THE FUTURE require BNSF’s assistance (whether monetary, through sponsorship, through preparation of a training plan, or otherwise) to obtain employment-based nonimmigrant status, such as H-1B or TN, or other authorization to work at BNSF, such as through STEM OPT.

• Knowledge in the following areas: Identity as a Service, Mutual TLS (mTLS) Auth for Service -Service, OpenID Connect Authorization Code and Client Credential Flows, FIDO2, PIM methodologies REST and REST Security, Experience with DB2, SQL Server, Oracle, or another enterprise-class RDBMS, Operating Systems like Windows, AIX, and Linux, SOX audit controls and applicability to IAM services architecture, design, and processes, Java Application Interface Development and Object Models, Enterprise Service Bus (ESB) technologies / JMS Advanced systems design
• IAM Certifications are a plus

At BNSF, you will have access to a comprehensive and competitive benefits package including:

• An industry-leading 401(k) and renowned Railroad Retirement program.
• A range of robust health care options for you and your dependents (including domestic partners), including medical, dental, vision, telemedicine, mental health, cancer support, and high-quality care network options.
• Health care spending accounts (HSA) with employer contributions, as well as life and disability insurance, provided at no cost.
• Family benefits including parental, pediatric and family building support, adoption and surrogacy reimbursement, and dependent care spending account (with employer match).
• Access to discounts on travel, gym memberships, counseling services and wellness support.
• Annual bonus (Incentive Compensation Program)
• Generous leave / time off policies.
• For more information, visit Benefits.

Please be aware of potential fraud that can occur when searching for new career opportunities.  Please review our FAQ for more information and awareness.

All positions require pre-employment background verification, medical review and pre-employment drug screen. You can find more information by reviewing the Hiring Process.  Federal authority requires BNSF employees, whose work requires unescorted access to secure areas of port facilities, to obtain a TWIC.  More information is available at https://www.tsa.gov/for-industry/twic

BNSF Railway is an Equal Opportunity Employer, all qualified applicants receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

SF: MO | [[mfield5]] | bnsf tech | REMOTE, US | 00000