Job Closed

This listing is no longer active.

IFS

Be your best when it really matters. At the #MomentOfService

FedRAMP Information System Security Officer / GRC Manager

Security Engineer | Other | Remote | Lead | Team 5,001-10,000 | Since 1983 | H1B Sponsor

Location

United States

Posted

95 days ago

Salary

$160K - $190K / year

Seniority

Lead

Job Description


This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

IFS is expanding secure cloud capabilities to support U.S. Federal Civilian agencies, DoD, and the Defense Industrial Base.

  • Support ongoing FedRAMP authorization including SSP, POA&M, evidence, and 3PAO coordination.
  • Manage and oversee NIST SP 800-53 compliance.
  • Oversee continuous monitoring, vulnerabilities, incidents.
  • Collaborate cross-functionally across various IFS teams.
  • Lead future FedRAMP system readiness.
  • Serve as a primary liaison with 3PAO during annual assessments.
  • Track and remediate findings within FedRAMP SLAs (30/90/180 days).
  • Develop and maintain security policies and procedures.
  • Support customer security questionnaires and audits.

Qualifications

  • 6+ years in ISSO, GRC, cybersecurity.
  • Expertise with FedRAMP, NIST SP 800-53, CMMC.
  • Experience with SSPs and security documentation.
  • Familiarity with AWS and Azure Gov Cloud.
  • U.S. Citizenship.
  • Strong documentation and technical writing skills.
  • Ability to obtain and maintain security clearance.

Requirements

  • DoD IL4/IL5 or DIB experience.
  • Certifications (CISSP, CISM, CISA, CAP, CCSP).
  • Experience with vulnerability scanning tools (Nessus, Qualys, ZAP, etc.).
  • Background in SaaS or cloud service provider environments.

Benefits

  • Salary Range: $160,000 to $190,000 plus bonus potential.
  • Flexible paid time off, including sick and holiday.
  • Medical, dental, & vision insurance.
  • 401K with Company contribution.
  • Flexible spending accounts.
  • Life insurance and disability benefits.
  • Tuition assistance.
  • Community involvement and volunteering events.

More Security Engineer Jobs


Staff IAM Engineer, Sailpoint

Toast

We empower the restaurant community to delight guests, do what they love, and thrive.

Other | Remote | Team 1,001-5,000 | Since 2013 | H1B Sponsor

Toast creates technology to help restaurants and local businesses succeed in a digital world, helping business owners operate, increase sales, engage customers, and keep employees happy.

We are seeking a highly motivated and experienced Staff IAM Engineer to join our growing IT IAM team. In this role, you will be a key contributor to the development, enhancement, and strategic evolution of our Identity and Access Management (IAM) program, with a focus on Okta and SailPoint Identity Security Cloud (formerly IdentityNow). You will play a critical role in building our identity lifecycle management processes, ensuring security, compliance, and efficiency. This role requires a deep understanding of IAM principles and best practices, as well as hands-on experience with enterprise-grade IAM platforms SailPoint and Okta.

A day in the life (Responsibilities)

  • Design, develop, and deploy SailPoint Identity Security Cloud: This includes building complex workflows, configuring policies, building integrations, developing user lifecycle management workflows between SailPoint and integrated systems, and acting as a subject matter expert for SailPoint.
  • Drive automation: Develop and implement automated provisioning and de-provisioning processes, and seamlessly integrate SailPoint with diverse applications, leveraging scripting and API knowledge. Focus on scalability and efficiency in automation efforts.
  • Architect and implement access controls: Create, develop, and deploy robust access policies and roles, adhering to the principle of least privilege.
  • Ramp the team and develop comprehensive documentation: Write and maintain detailed documentation for all IAM configurations, processes, runbooks, and governance needs, ensuring clarity and consistency for both technical and non-technical audiences. This documentation should be utilized to guide the team to implement using best practices, deliver scalable solutions, and operate out of SOPs that create repeatable processes.
  • Champion continuous improvement: Research and evaluate emerging IAM technologies, stay abreast of industry best practices, and proactively drive opportunities to enhance our IAM program.
  • Ensure platform health and performance: Take ownership of system health checks, proactive monitoring, troubleshooting, and performance tuning for both platforms to ensure optimal performance, reliability, and availability. Develop and implement monitoring and alerting solutions.
  • Enhance security incident response: Develop and implement the security incident response processes related to identity and access. Implement monitoring and alerting to provide system logs and alerts for suspicious activity. Participate in security audits and compliance assessments (e.g., SOX, SOC, PCI).
  • Collaborate with stakeholders: Work closely with business units, application owners, and security teams to gather requirements, design effective solutions, and implement IAM strategies that meet business needs while maintaining security posture. This includes leading requirements gathering sessions and translating business needs into technical specifications.

What you'll need to thrive (Requirements)

  • 10+ years of experience in Identity and Access Management.
  • 7+ years experience with SailPoint Identity Security Cloud, including design, development, configuration, and med-large scale deployment.
  • Proven experience implementing Sailpoint to manage access for large core enterprise applications including Salesforce, Netsuite and Snowflake
  • Proven experience configuring and implementing full end-to-end User Access Review (UAR) capabilities in Sailpoint for integrated and non-integrated applications
  • Proven experience configuring and implementing Access Request functionality in SailPoint. Experience migrating access request capabilities from ServiceNow to SailPoint is ideal.
  • Extensive experience with Okta administration, including user management, authentication, and application integration, and application access workflows.
  • Solid understanding of IAM concepts, best practices, and industry standards.
  • Experience with scripting languages (e.g., Java, Python) for automation.
  • Excellent analytical, problem-solving, and communication skills.

What will help you stand out (Nonessential Skills/Nice to Haves)

  • Relevant certifications (e.g., CISSP, CISM, SailPoint Certified Professional).
  • Compliance Knowledge (SOX, SOC, PCI, UAR)
  • Experience with other IAM solutions (e.g., Azure AD, AWS IAM).
  • Knowledge of IT security frameworks (e.g., NIST, ISO 27001).

AI at Toast

At Toast, one of our company values is that we're hungry to build and learn. We believe learning new AI tools empowers us to build for our customers faster, more independently, and with higher quality. We provide these tools across all disciplines, from Engineering and Product to Sales and Support, and are inspired by how our Toasters are already driving real value with them. The people who thrive here are those who embrace changes that let us build more for our customers; it’s a core part of our culture.

Our Total Rewards Philosophy

We strive to provide competitive compensation and benefits programs that help to attract, retain, and motivate the best and brightest people in our industry. Our total rewards package goes beyond great earnings potential and provides the means to a healthy lifestyle with the flexibility to meet Toasters’ changing needs. Learn more about our benefits at https://careers.toasttab.com/toast-benefits.

The base salary range for this role is listed below. The starting salary will be determined based on skills and experience. In addition to base salary, our total rewards components include cash compensation (overtime, bonus/commissions, if eligible), benefits, and equity (if eligible).

Pay Range

$127,000—$203,000 USD

How Toast Uses AI in its Hiring Process

Throughout the hiring process, our goal is to get to know you. We use AI tools to support our recruiters and interviewers with tasks like note-taking, summarization, and documentation of interviews to ensure they can be fully focused on your conversation. All hiring decisions are made by people.

Diversity, Equity, and Inclusion is Baked into our Recipe for Success

At Toast, our employees are our secret ingredient—when they thrive, we thrive. The restaurant industry is one of the most diverse, and we embrace that diversity with authenticity, inclusivity, respect, and humility. By embedding these principles into our culture and design, we create equitable opportunities for all and raise the bar in delivering exceptional experiences.

We Thrive Together

We embrace a hybrid work model that fosters in-person collaboration while valuing individual needs. Our goal is to build a strong culture of connection as we work together to empower the restaurant community. To learn more about how we work globally and regionally, check out: https://careers.toasttab.com/locations-toast.

Apply today!

Toast is committed to creating an accessible and inclusive hiring process. As part of this commitment, we strive to provide reasonable accommodations for persons with disabilities to enable them to access the hiring process. If you need an accommodation to access the job application or interview process, please contact candidateaccommodations@toasttab.com.

For roles in the United States, it is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

United States
$127K - $203K / year
Job Closed

Cybersecurity Assessment and Authorization Subject Matter Expert

TekSynap

TekSynap, formerly known as Synaptek, is a privately held, ISO-certified IT company offering solutions and services to meet the business technology needs of local, state, and feder

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

We are seeking a Cybersecurity Assessment and Authorization Subject Matter Expert (SME) to join our Defense Logistics Agency team.

  • Serve as a Cybersecurity Subject Matter Expert (SME) for Assessment and Authorization (A&A) activities supporting Department of Defense (DoD) information systems.
  • Support the implementation and execution of the Risk Management Framework (RMF) for the authorization of information systems.
  • Conduct security control assessments and evaluate compliance with NIST SP 800-53 security controls and DoD cybersecurity requirements.
  • Provide technical guidance and subject matter expertise for systems undergoing the authorization process.
  • Analyze vulnerabilities and determine applicable severity values for identified security control deficiencies.
  • Assess the potential impact of vulnerabilities on a system’s current or future authorization status.
  • Support authorization package development and review to ensure completeness, accuracy, and compliance with DoD cybersecurity policies.
  • Evaluate cybersecurity posture across complex IT infrastructures consisting of multiple enclaves, AIS applications, and outsourced IT processes.
  • Provide cybersecurity expertise related to emerging technologies including Cloud environments, Industrial Control Systems (ICS), warehouse execution systems, and Operational Technology (OT) infrastructures.
  • Brief senior management and stakeholders on RMF progress, risk posture, and authorization status of information systems.
  • Collaborate with system owners, cybersecurity teams, and government representatives to ensure successful completion of A&A activities.
  • Ensure cybersecurity documentation, procedures, and processes align with DoD policies and enterprise security standards.

Qualifications

  • 5+ years of relevant experience supporting Risk Management Framework (RMF) and NIST Assessment and Authorization (A&A) processes.
  • Experience supporting DoD cybersecurity programs and authorization processes.
  • Experience assessing security controls and conducting authorization reviews for large, complex enterprise environments.
  • Strong understanding of DoD cybersecurity policies, procedures, and authorization requirements.
  • Knowledge of cybersecurity considerations for Cloud technologies, Industrial Control Systems (ICS), warehouse execution systems, and Operational Technology (OT) environments.
  • CSSP Analyst Certification.
  • Top Secret - IT-I Critical security clearance, Tier 5 investigation.

Requirements

  • U.S. Citizen.
  • Top Secret - IT-I Critical security clearance, Tier 5 investigation.

Benefits

  • Competitive benefits package including health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time, and holidays.

United States
Job Closed

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

We are seeking a motivated and technically curious IT Engineer to help design, build, support, and continuously improve technology solutions that enable our business. This role contributes across the full lifecycle of systems and applications, collaborating with cross-functional partners to deliver secure, reliable, and scalable solutions. The ideal candidate brings strong foundational engineering skills, a growth mindset, and a passion for solving problems through technology.

This opportunity provides a unique chance to help shape a new Identity API, influence Mutual of Omaha’s identity strategy, and be part of building a new team from the ground up. As a member of the Machine Identity Management (MIM) and Enablement team, you’ll play a meaningful role in defining how identity services are designed, delivered, and consumed across the enterprise. You will work in a highly collaborative environment within Mutual’s evolving Information Security organization, partnering with Mutual engineers, architects, and security leaders to deliver modern, secure, and scalable identity solutions.

Qualifications

  • Demonstrated experience designing, implementing, and maintaining MuleSoft APIs or REST APIs in enterprise environments.
  • Proven ability to navigate and resolve challenges within a full‑stack application development and implementation lifecycle.
  • Ensure the reliability, quality, and security of systems, processes, and data through effective design, continuous improvement, and adherence to security best practices.
  • Hands-on experience utilizing identity and access management technologies.
  • Strong collaborative mindset, with the ability to work effectively with cross‑functional team members and stakeholders.
  • Promote a culture of diversity and inclusion, value different ideas and opinions, and listen courageously, remaining curious in all that you do.
  • Able to work remotely with access to a high-speed internet connection and located in the United States or Puerto Rico.

Requirements

  • Contribute to the development, testing, maintenance, and integration of identity technologies to better support and enable the developer community at Mutual.
  • Engage in technical efforts across the team, ensuring alignment with enterprise growth initiatives and collaborating with team members and external vendors.
  • Ideation and brainstorming sessions to devise creative and disruptive digital solutions; builds apps, APIs and data solutions to drive toward implementation of those solutions.
  • Occasionally play multiple roles (e.g. individual contributor, lead, teacher, mentor).
  • Get to know the supported business area(s), have an awareness of related objectives and challenges.
  • Evaluate options and the performance tradeoffs/benefits.

Benefits

  • Estimated Salary (Levels have variable responsibilities and qualifications):
      • Engineer II: $99,000 - $168,000, plus annual bonus opportunity
      • Engineer III: $110,000 - $182,000, plus annual bonus opportunity
  • 401(k) plan with a 2% company contribution and 6% company match.
  • Work-life balance with vacation, personal time and paid holidays.

United States
$110K - $182K / year
Job Closed

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

We are seeking a talented, motivated Threat Detection Engineer to join our global team. This individual will be a self-starter excited to take on ownership of complex projects with a wide degree of autonomy. This role is unique in its schedule, providing critical weekend coverage during local daytime hours in exchange for a flexible schedule during the work week.

As a Threat Detection Engineer, you will be responsible for designing, implementing, and maintaining systems and logic to identify and neutralize sophisticated cyber threats. You will operate within a high-fidelity Detection-as-Code environment, moving beyond traditional SOC tiers to act as an elite, end-to-end security engineer.

Responsibilities:

  • Detection Engineering: Develop, tune, and deploy high-fidelity detections and rules to prevent threats against the firm's systems using a "Detection-as-Code" philosophy.
  • Incident Response: Respond to and mitigate active incidents and alerts within our security monitoring systems.
  • Threat Hunting: Proactively hunt for sophisticated adversaries targeting our infrastructure by analyzing logging and telemetry.
  • Intelligence Action: Process and action threat intelligence reports, converting attacker TTPs into actionable detections across various tools and languages.
  • Automation & Coding: Contribute to the firm’s Python-based ecosystem to automate analysis processes and increase detection accuracy.
  • Business Collaboration: Work with various business units to gain a deep understanding of internal networks to better inform hunting and risk-modeling strategies.
  • Telemetry Analysis: Review and analyze packet captures, media, and network device logs to support risk and detection capabilities.

Qualifications

  • Education: Bachelor’s degree in Computer Science, Computer Engineering, or a related technical field.
  • Programming: Strong proficiency in Python is mandatory for contributing to our D&R codebase.
  • Data Analysis: Experience conducting deep-dive analysis of media, packet captures, and logs. Familiarity with Pandas and Jupyter Notebooks for threat hunting is highly desirable.
  • Technical Breadth: Experience with modern SIEM platforms (Google SecOps preferred) and a variety of 3rd party endpoint, network, and cloud security tools.
  • Communication: Strong interpersonal skills with the ability to communicate complex technical threats to both technical and non-technical stakeholders.
  • Availability: Ability to work a weekend-based schedule (local daytime hours) with flexibility during the week (2 days).

Benefits

  • Competitive compensation package commensurate with experience.
  • Comprehensive health, dental, and vision insurance.
  • Opportunities for continuous professional development and training.
  • A collaborative and challenging work environment with state-of-the-art technology.

United States
$500K / year
Job Closed