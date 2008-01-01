IAM Lead (Enterprise Security Team)
Tasks in the role
IAM Strategy & Roadmap: Define and own the IAM strategy, develop the roadmap with clear milestones, metrics, and timelines
Team Building: Plan headcount, participate in hiring interviews, and onboard new IAM specialists
Identity Lifecycle Management: Design and implement end-to-end processes for account provisioning, modification, and deprovisioning
PAM Solutions: Analyze requirements, select, design, and maintain privileged access management tools
Okta Workflows Automation: Build and optimize workflows for automated provisioning, entitlement management, and de-provisioning; support policy configuration for the Okta administration team
Stakeholder Engagement: Lead presentations and align requirements and procedures with business and technical teams (e.g., IT Support, Security Operations, Security Compliance)
Documentation & Compliance:
- Create and maintain up-to-date IAM process guidelines and SOPs;
- Develop access security policies (password policies, MFA configurations, etc.);
- Produce detailed user/Admin guides and checklists for account lifecycle and access reviews;
- Version-control all documentation;
- Collaborate closely with the Compliance team to incorporate regulatory requirements and support internal/external audits.
Who we are looking for
3+ years of practical experience in IAM or broader Information Security roles with substantial involvement in IAM-related responsibilities (e.g., identity lifecycle, access control, authentication systems)
Strong understanding of all IAM domains: account lifecycle, authentication & authorization, roles & permissions, access reviews, certificate & secret management, PAM
Hands-on experience with Okta and Google Workspace (process development or administration)
Familiarity with industry standards and regulations such as ISO 27001, GDPR, SOC 2, or PCI DSS, or the ability to quickly learn and apply them
English proficiency at Upper-Intermediate or higher; excellent presentation and persuasion skills with both technical and business stakeholders
Not required, but a plus
Relevant certifications: Okta Certified Administrator, CISSP, CISM, or equivalent
Scripting for automation (Bash, PowerShell, Python)
Experience ingesting IAM logs/events into SIEM solutions
Understanding of DevOps practices and integrating IAM into CI/CD pipelines
Familiarity with PAM platforms (e.g., CyberArk, BeyondTrust)
Strategic mindset with a track record of developing long-term IT strategies
A little more about our company
Semrush is a leading online visibility management SaaS platform that enables businesses globally to run search engine optimization, pay-per-click, content, social media and competitive research campaigns and get measurable results from online marketing.
We've been developing our product for 16 years and have been awarded G2's Top 100 Software Products, Global and US Search Awards 2021, Great Place to Work Certification, Deloitte Technology Fast 500 and many more. In March 2021 Semrush went public and started trading on the NYSE with the SEMR ticker.
10,000,000+ users in America, Europe, Asia, and Australia have already tried Semrush, and over 1,700 people around the world are working on its development. The Semrush team is constantly growing.
Security
The Semrush Security team is responsible for information protection and risk management.
They combine proactive defense with rapid response to protect our systems and data, and ensure swift, effective recovery when issues arise.
Within the team, there are several scopes of work: product and infrastructure resilience, compliance, enterprise security, general security operations, and support.
Even though Security team members focus on different tasks, they operate as one: each ready to provide support, no matter the query.
The team is based mainly in Europe, with colleagues acting as ambassadors in nearly all Semrush offices worldwide.