Job Details

IAM Architect

Seattle, Washington, United States

Software and Services

Summary

Posted: Mar 28, 2025

Weekly Hours: 40

Role Number: 200594348

Apple is a place where extraordinary people gravitate to do their life's best work. Together we craft products and experiences people once couldn’t have imagined — and now can’t imagine living without. The Apple Service Engineering (ASE) team builds and provides systems and infrastructure that fuel Apple’s services (such as Apple TV, App Store, Apple Music, Apple Fitness, iCloud, Siri, and Maps). We are the foundation on which Apple’s software developers build the products that our customers love. Our services have to scale globally, stay highly available, and meet the high security expectations for our billions of customers.

The Security team within ASE is seeking a highly skilled and hands-on IAM Architect to design, implement, and optimize our Identity and Access Management (IAM) systems. This role requires deep technical expertise in IAM frameworks, authentication protocols, and access control mechanisms. The ideal candidate will be able to apply industry-leading security practices, build and execute identity and access management governance program, as well as drive seamless, secure access across the organization.

Description

Architecting Identity and Access Management at Apple scale requires creativity to build world-class security fitting to our customers expectations. Familiarity with AWS IAM, GCP IAM, and other third party systems is only the beginning, understanding how to scale and transform systems in a safe and secure way requires experience and a deep understanding of how applications are built, deployed, and operated. You will work closely with stakeholders, engineers, product, program, and executives to charter a unification strategy that includes all compute, storage, network, data warehouse, business operations, business applications, and beyond.

YOU WILL:

Lead the design and implementation of scalable IAM infrastructure components ranging from hardware root identity, cryptographic chain of trusts, and fine grain access control

Architect and integrate authentication and authorization frameworks (ACL, RBAC, ABAC, Zero Trust).

Collaborate with security, engineering, and product teams to align IAM strategies with business needs.

Write, present, and communicate to senior executives the principles and benefits of IAM

Lead engineering teams to secure and timely solutions

Contribute code to demonstrate POCs

Minimum Qualifications

• 10+ years of experience in Identity and Access Management (IAM) architecture and engineering.

• Hands-on experience with building reliable web-scale policy-based Authentication and Authorization solutions

• Prior experience being a technical/engineering lead on a team in a service organization

• Proficiency in one or more programming languages (Golang, Java, Swift)

• Experience with cloud-based IAM (AWS IAM, Azure AD, Google Cloud Identity)

• Strong problem-solving skills

• Ability to work cross-functionally, including communicating roadmaps, decisions and proposals to senior and executive leadership

Preferred Qualifications

• Strong knowledge of privileged access management (PAM) and identity governance solutions.

• Working knowledge of Kubernetes ecosystem

• Understanding of networking security controls and techniques for network isolation

• Understanding of TPM, Hardware Root of Trust, PKI, UEFI Secure Boot, Measured Boot and security attestation architecture for hardware and workload identity provisioning

• Understanding of Linux security subsystems (SELinux, BPF, IPC, etc.)

Pay & Benefits

At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $197,400 and $360,200, and your base pay will depend on your skills, qualifications, experience, and location.

Apple employees also have the opportunity to become an Apple shareholder through participation in Apple’s discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple’s Employee Stock Purchase Plan. You’ll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses — including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation.Learn more about Apple Benefits. (https://www.apple.com/careers/us/benefits.html)

Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.

Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics.Learn more about your EEO rights as an applicant (https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf) .

Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics.Learn more about your EEO rights as an applicant (https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf) .

Apple will not discriminate or retaliate against applicants who inquire about, disclose, or discuss their compensation.

Apple participates in the E-Verify program in certain locations as required by law.Learn more about the E-Verify program (https://www.apple.com/jobs/pdf/EverifyPosterEnglish.pdf) .

Apple is committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities. Reasonable Accommodation and Drug Free Workplace policy Learn more .

Apple is a drug-free workplace. Reasonable Accommodation and Drug Free Workplace policy Learn more .

Apple will consider for employment all qualified applicants with criminal histories in a manner consistent with applicable law. If you’re applying for a position in San Francisco, review the San Francisco Fair Chance Ordinance guidelines applicable in your area.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.