DevOps Engineer - Identity
New York, NY /
Information Security /
A World-Changing Company
At Palantir, we’re passionate about building software that solves problems. We partner with the most important institutions in the world to transform how they use data and technology. Our software has been used to stop terrorist attacks, discover new medicines, gain an edge in global financial markets, and more. If these types of projects excite you, we'd love for you to join us.
As a DevOps Engineer on Palantir’s Identity team, you will design, build and manage identity infrastructure and tooling. You will make it easier and more secure to implement identity governance and access management for Palantirians and our customers all over the world. As part of Palantir’s world-class Information Security organization, you will work closely with Security Engineers to research, implement and scale innovative solutions to help Palantir stay ahead of a dynamic threat landscape.
The Identity team consists of DevOps Engineers who are passionate about reducing risk, friction and eliminating toil. The team’s primary focus is the management of identity platforms for both corporate and production (customer-facing) infrastructure. As part of the team, you will build novel web services that help Palantirians stay compliant while minimizing impact on their productivity flows. Your work will directly impact and improve the resilience of mission critical Palantir infrastructure that enables and empowers a globally distributed workforce.
- Develop automation for the management of corporate and customer-facing identity platforms
- Build, secure and manage geo-redundant systems and services in AWS and Azure
- Manage Single Sign-On (SSO) integrations across multiple Azure Active Directory (Azure AD) tenants using infrastructure-as-code frameworks
- Build tooling to standardize and scale operational workflows in AWS, Azure and Google Cloud Platform (GCP)
- Research and drive the implementation of cutting-edge authentication protocols (like passwordless auth) by collaborating with Security Engineers
- Partner with Compliance Engineers to help build novel services that reduce the cost of compliance enforcement across multiple compliance regimes (FedRAMP, IL5, IL6, etc.)
What We Value
- 3+ years experience in Site Reliability Engineering (SRE), DevOps or equivalent field with a passion for security
- Technical proficiency in identity protocols (SAML, OIDC, LDAP, Kerberos, FIDO2, WebAuthN)
- Experience deploying and managing Linux or Windows based infrastructure in AWS, Azure, or Google Cloud
- Proficiency with a scripting language such as PowerShell, Python, Bash, or Go
- Exposure to infrastructure-as-code frameworks such as Terraform, CloudFormation, Ansible, Puppet, or PowerShell DSC
- Familiarity with risk management and understanding of regulatory compliance frameworks (e.g., ISO/SOC/NIST) is a plus
Palantir is committed to promoting a culture of diversity, equity, and inclusion and is proud to be an Equal Employment Opportunity and Affirmative Action employer. We believe that all Palantirians share the responsibility of upholding our commitment to these values and encourage candidates from a wide range of backgrounds, perspectives, and lived experiences to join us in solving the world’s hardest problems. Palantir does not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. Palantir is committed to working with and providing reasonable accommodations to applicants with physical and mental disabilities. Please see the United States Department of Labor’s EEO poster and EEO poster supplement for additional information.
Palantir is committed to making the job application process accessible to everyone. If you are living with a disability (visible or not visible) and need to request a reasonable accommodation for any part of the application or hiring process, please reach out and let us know how we can help.