# Identity & Access Management (IAM) Engineer

> Ajaib · Jakarta, Indonesia (Hybrid) · Full-time · Posted 2026-05-05

**Workplace:** hybrid

**Department:** Engineering

## Description

To serve as the architect and operator of Ajaib’s Identity Anchor. You will be responsible for ensuring every access point is anchored to a single corporate identity, moving away from manual ticketing toward a self-service, automated "ticketing-to-tool" identity orchestration.

**Responsibilities**

-   Identity Anchoring: Own the Identity Provider (IDP/SSO) lifecycle using JumpCloud, ensuring 100% of corporate assets (GitHub, AWS, etc.) are accessible only via the Corporate IDP, coordinating with related units, including People team
-   The "Kill Switch" provisioning: Implement and maintain programmatic offboarding to achieve a Mean Time to Revoke (MTTR) of <5 minutes across all systems, alerted from Slack channel maintained by People team.
-   Access Orchestration: Transition from manual tickets to automated approval workflows and self-service access.
-   Onboarding: Ensure naming convention uniformity, Lead the migration of all contributors to corporate-managed accounts, implementing automated blocking for non-corporate commits.
-   Permission Management: Define technical roles and permissions (RBAC/ABAC) and maintain the User Access Matrix for all personnel and third-party vendors.
-   Platform Integration: Move toward Identity Orchestration by implementing short-lived, automated credentials and MFA.
-   Least Privilege: Maintain segregation of duties and Least Privilege principles all the time on all systems.
-   Maintain and update and ensure the access matrix is current and agreed by relevant parties.
-   Maintain the system / tools list across organizations on a regular basis.
-   Maintain the payment method / period: Ensure no downtime on the app / system caused by failed payment.
-   Keep record and maintain the policies of access of each system and ensure they are approved by relevant stakeholders regularly.
-   During identified employee rotation, ensure access provisioning follows the new business unit / department accordingly immediately with appropriate approval from the stakeholders.
-   Data Governance: Maintain and update the Data Classification across Ajaib group.
-   Data Retention: Ensure data retention is applied and maintained across Ajaib group.
-   Incident Management: Log and maintain documentation of reported and known incidents
-   Post Incident Review: Log and maintain documentation of reported and known incidents

## Requirements

-   Must Have: 2+ years of experience in IAM/IDM; expertise in JumpCloud and Google Workspace administration.
-   Identity Protocols: Deep understanding of SSO, SAML, OIDC, and SCIM provisioning.
-   Fintech Focus: Experience regulating central access for high-turnover environments and third-party vendors.
-   Technical Literacy: Ability to manage repository permissions and automate IAM.

## Benefits

Join us as we make magic happen to increase Indonesia’s financial inclusion!

## Apply

[Apply at Ajaib](https://apply.workable.com/ajaib/j/699707DB70/apply)

---
Powered by [Workable](https://www.workable.com)