Job Description

We’re looking for a Principal Architect, User Identity and Access to join Procore’s User Identity and Access Management (UIAM) team. Bridging the needs of materials suppliers, course of construction activities, financial relationships, legal sovereignty, and the many types of stakeholders and verticals, the construction industry has uniquely demanding authorization and authentication requirements. To meet that need, this is both an architectural and technical role, and as such requires high business acumen coupled with deep technical knowledge of identity management products and systems design principles.  In this role, you’ll have the unique opportunity to drive the next generation of UIAM initiatives in our global SaaS infrastructure, working with our dedicated and talented team spanning Engineering, Product Management, UX and Architects to create and scale the next generation Procore experience.

As a Principal IAM Architect, you will be primarily responsible for establishing the strategic technical direction, creating reference patterns, and will be additionally responsible for actively driving the effective execution of that strategy for one of Procore’s core product areas. This is a great opportunity to use your leadership, interpersonal, and organizational skills to build highly effective systems and practices, foster collaborative relationships, and measure value delivered to our customers.

This position has the opportunity to be located in the Austin, TX office. We’re looking for someone to join our team immediately.

What you’ll do:

• Hands-on development and coding of a robust and secure Identity and Access Management (IAM) framework to protect digital assets and ensure efficient user access.

• Develop and oversee IAM strategy and architecture at scale, policies, and technologies for user identities, authentication, authorization, and access controls.

• Collaborate with cross-functional teams and senior leaders to align IAM strategies with business goals, ensuring scalability and interoperability across platforms.

• Evaluate and recommend IAM tools and technologies, and develop reference patterns and roadmaps for IAM domains.

• Manage customer onboarding and offboarding workflows, design authentication mechanisms like multi-factor authentication (MFA), single sign-on (SSO), and establish authorization frameworks and access policies utilizing FGA.

• Assess IAM-related risks, respond to security incidents, and integrate IAM solutions with applications, directories, and cloud services.

• Work with development teams to incorporate IAM considerations in application design and maintain comprehensive IAM documentation.

• Stay informed on emerging IAM trends and recommend innovative solutions to enhance security and user experience.

• Build internal and external influence in the Engineering community, maintaining technology strategies aligned with corporate and product strategies.

What we’re looking for:

• Masters Degree in Computer Science, a related field, or comparable work experience

• 15+ years experience in software engineering, Test Driven Development, Design principles and Distributed Architectures.

• Expertise in Identity and Access Management at large global scale for SaaS enterprise, including authentication, authorization, privacy and consent management, regulatory compliance, multi-factor authentication, federation, and risk management.

• Proficiency in authentication standards, frameworks, lifecycle management, tokens, session management and profiles, federation technologies (SAML, OAUTH, OpenID Connect) as well as customer identity and access management platforms like Okta, Auth0, Ping Identity.

• Proficiency with authorization standards such as RBAC, JWT, MFA, ABAC, but most specifically FGA (Fine Grained Authorization) utilizing Zanzibar. 

• Effective communication skills to influence key stakeholders across the enterprise, at all levels of the organization and promote a culture of engineering excellence and being well-managed, using opportunities to reuse and innersource solutions where possible.

• Demonstrated ability to influence and drive change within the organization, promoting innovation and continuous improvement

• Being comfortable with the overall responsibility and accountability to create, and maintain a technical strategy and execution plan

• Driven operational transformation through automation and continuous process improvements

• Proven track record of distilling ambiguity to clarity and direction

Qualifications