Key skills
JavaScriptPythonJavaC#C++CGoRubyRustAgenticAWSAzureGCPIAMAzure ADOAuthOktaSAMLSSOGitHub
About this role
GitHub is the world’s leading platform for agentic software development, and they are seeking a Software Engineer II in Security to help secure GitHub’s internal systems. This role involves maintaining and improving identity and access management processes, developing automation for efficiency, and collaborating across teams to ensure secure access patterns.
Responsibilities:
- Provide guidance and support to Hubbers using GitHub’s internal identity and access management platform
- Develop, maintain, and improve services that support identity lifecycle, access workflows, and paved-path processes for Hubbers
- Work with technical and non technical partner teams to drive consistent IAM practices
- Monitor and maintain IAM services, participate in an on-call rotation, respond to incidents, and enhance operational processes
- Manage services and processes that play a critical role in compliance to several audit frameworks
Requirements:
- 2+ years experience in Software Engineering, Computer Science, or related technical discipline with proven experience maintaining production software coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, Go, Ruby, Rust, or Python
- OR Associate's Degree in Computer Science, Electrical Engineering, Electronics Engineering, Math, Physics, Computer Engineering, Computer Science, or related field AND 1+ year(s) experience
- OR Bachelor's Degree in Computer Science or related field
- OR equivalent experience
- 1+ years of experience in Security Operations, Identity & Access Management, Security Engineering, or a related technical field
- 1+ years experience implementing or operating IAM technologies (e.g., SSO/MFA, directory services, RBAC/ABAC models)
- 1+ years professional experience working with Ruby
- Experience operating identity or access management systems at scale
- Familiarity with identity directories (e.g., Okta, Azure AD), authentication/authorization protocols (OAuth, SAML, OIDC)
- Experience supporting production services in an on-call capacity
- Experience with cloud environments such as AWS, Azure, or GCP
- Experience designing paved-path processes for identity lifecycle, access reviews, or entitlements management