Identity & Access Management (IAM) Architect

New York, NY / Technology – Flow Engineering / Salaried, full-time / On-site

About the Company
Flow aims to create a superior living environment that enhances the lives of our residents and communities by developing, acquiring, owning, and managing multifamily apartment buildings and the services and technology inside those buildings.

Fulfilling our mission will require an exceptional group of people whose collective output is greater than the sum of its individual parts. Our team members are energized by the opportunity to impact our residents’ lives in meaningful ways. They are bold and creatively ambitious, driven by relentlessly high standards, act with a sense of urgency and accountability, and always, above all, operate with integrity, loyalty, and trust.

About the Role
Identity and access management will be critical for the applications we are developing, so we are looking for an IAM architect to lead the architecture, development and maintenance of our customer Identity service. You will work closely with our development teams to protect backend applications with IAM infrastructure and role-based access controls, and ensure that we have a resilient, secure, and compliant Identity service managing customer authentication, authorization, and user information management.


    • Take ownership of building out the Identity Service for authentication, authorization, and identity management for customer users
    • Define the strategy for role-based access control (RBAC) for the backend services
    • Work closely with developers to help them integrate with the IAM service
    • Work closely with business partners in the IAM space to integrate their best-in-class solutions into the IAM service
    • Ensure the IAM service adheres to compliance standards that secure and honor consumer privacy
    • Maintain, update, and deploy the user registration service and API
    • Bring passion for staying on top of tech and industry trends in IAM; experiment with and learn new technologies
    • Act as a subject matter expert for Identity and Access Management, and be able to iterate on the IAM service architecture as the business matures

Ideal Background

    • Experience developing, implementing and maintaining a secure and scalable Identity and Access Management (IAM) service for customer users, e.g. user registration/user flow authentication and authorization, etc.
    • Experience leading end-to-end implementations of MFA and passwordless authentication for a large enterprise
    • Technical proficiency in identity protocols (SAML, OIDC, OAuth2, FIDO2, WebAuthn)
    • Experience implementing OAuth2 and OpenID Connect for authentication and authorization
    • Familiarity with authentication services. Deep expertise in AWS Cognito, Auth0, Google Firebase
    • Comprehensive development experience in Golang and/or TypeScript
    • Familiarity with security best practices for protecting user accounts and account data in cloud-based identity management services
    • Experience with cloud-based user directory administration and integration, including an understanding of multi-tenant environments, security groups, etc.

The following skills are nice to have

    • Building, configuring and integrating with systems that implement:
        • PKI, TLS, symmetric and asymmetric key encryption
        • X.509 certificates
    • Understanding of the components of network security (firewalls, load balancers, application gateways) from the perspective of IAM configuration
    • Exposure to infrastructure-as-code frameworks such as Terraform, etc.
    • AWS Cognito deployment in a production environment in HA and failover mode

Salary: $120,000 - $200,000

• Medical, dental, and vision insurance plans
• Paid time off
• Commuter benefits
• 401(k) plan

Flow is proud to be an equal opportunity workplace and is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity and/or expression, pregnancy, Veteran status, or any other characteristic protected by federal, state or local law. In addition, we will provide reasonable accommodations for qualified individuals with disabilities.