Security Engineer
Adobe Inc.
Job Description
About the Team & Mission The team focuses on Identity Architecture & Solutions by crafting, building, and operationalizing scalable identity and SaaS security capabilities enterprise-wide. This technical role depends on members passionate about Identity & SaaS Security functions, identity architecture strategy, and encouraging teamwork. We collaborate as an organization to reduce identity-centric risk, with each member essential to delivering security value and outcomes.
The Challenge Engineer ZeroTrust access controls for workforce and service identities. Develop and implement pipelines using RBAC and ABAC standards. Include device and posture checks and riskadaptive policies for critical services and high-risk scenarios.
Harden privileged access: migrate administrators to rightsize entitlements and eliminate longlived elevated access across prioritized platforms (e.g., Entra ID, Privileged Access Management). Participate in tool POCs and deployments for SaaS security posture monitoring. Define baselines for M365, Slack, GitHub, Workday, and Google.
Build remediation runbooks and posture success measurements. Instrument identity metrics collection and tracking by standardizing log schemas for authentication, authorization, and entitlement changes. Publish dashboards showing privilege drift, misconfigurations, and access sprawl.
Coordinate risky events with security alert procedures. Contribute and drive architecture & standards: author implementation guides and reference architecture that supports a multiyear strategy passionate about measuring risk reduction over time. Inclusive of new technologies and risks.
What is needed to succeed Experience with enterprise identity controls and solutions, including delivering outcomes that use Entra ID/AD, Okta, and SailPoint (or equivalents) Strong understanding of core Zero Trust principles, the least privilege and continuous verification models, and incorporating those into the enterprise SaaS posture skills for securing large SaaS tenants (M365, Slack, GitHub, Workday, Google), including security Authn and Authz for all identities accessing SaaS tenants Influence and collaborate with key partners in IT and other security teams. Work together to develop security outcomes that reduce risk and require creative problem solving. Excellent written and verbal communication skills, including communicating complex problems and solutions to business leaders and technical specialists Ability to deliver measurable outcomes in a technical environment that align with long term goals Active team participation and an inquisitive mind passionate about delivering creative solutions and working collaboratively Preferred Engineering familiarity with secure access control solutions (e.g.
Teleport, Vault), secrets management, and CI/CD solutions and their customers. Scripting/automation knowledge (e.g., Python, PowerShell) and infrastructureascode (e.g., Terraform) for policy and pipeline automation. Exposure to service identity frameworks (e.g., SPIFFE/SPIRE) and workload identity patterns.
Experience/Education requirements ~5+ years relevant experience; Bachelor's required or equivalent experience Expected Pay Range Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets. The U.S. pay range for this position is $144,800 -- $261,450 annually. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience.
Your recruiter can share more about the specific salary range for the job location during the hiring process. In California, the pay range for this position is $180,600 - $261,450. In Washington, the pay range for this position is $170,900 - $247,550.
Equal Employment Opportunity Adobe is proud to be an Equal Employment Opportunity employer. We do not discriminate based on gender, race or color, ethnicity or national origin, age, disability, religion, sexual orientation, gender identity or expression, veteran status, or any other protected characteristic. State-Specific Notices California: Adobe will consider qualified applicants with arrest or conviction records for employment in accordance with state and local laws and "fair chance" ordinances.
Colorado: If this role is open to hiring in Colorado, the application window will remain open until at least the date and time stated above in Pacific Time, in compliance with Colorado pay transparency regulations. If this role does not have Colorado listed as a hiring location, no specific application window applies, and the posting may close at any time based on hiring needs. Massachusetts: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment.
An employer who violates this law shall be subject to criminal penalties and civil liability. #J-18808-Ljbffr