To serve as the architect and operator of Ajaib's Identity Anchor. You will be responsible for ensuring every access point is anchored to a single corporate identity, moving away from manual ticketing toward a self-service, automated ticketing-to-tool identity orchestration.
Responsibilities
Identity Anchoring: Own the Identity Provider (IDP/SSO) lifecycle using JumpCloud, ensuring 100% of corporate assets (GitHub, AWS, etc.) are accessible only via the Corporate IDP, coordinating with related units, including People teamThe Kill Switch provisioning: Implement and maintain programmatic offboarding to achieve a Mean Time to Revoke (MTTR) of <5 minutes across all systems, alerted from Slack channel maintained by People team
Access Orchestration: Transition from manual tickets to automated approval workflows and self-service accessOnboarding: Ensure naming convention uniformity, Lead the migration of all contributors to corporate-managed accounts, implementing automated blocking for non-corporate commitsPermission Management: Define technical roles and permissions (RBAC/ABAC) and maintain the User Access Matrix for all personnel and third-party vendorsPlatform Integration: Move toward Identity Orchestration by implementing short-lived, automated credentials and MFALeast Privilege: Maintain segregation of duties and Least Privilege principles all the time on all systemsMaintain and update and ensure the access matrix is current and agreed by relevant partiesMaintain the system / tools list across organizations on a regular basisMaintain the payment method / period: Ensure no downtime on the app / system caused by failed paymentKeep record and maintain the policies of access of each system and ensure they are approved by relevant stakeholders regularlyDuring identified employee rotation, ensure access provisioning follows the new business unit / department accordingly immediately with appropriate approval from the stakeholdersData Governance: Maintain and update the Data Classification across Ajaib groupData Retention: Ensure data retention is applied and maintained across Ajaib groupIncident Management: Log and maintain documentation of reported and known incidentsPost Incident Review: Log and maintain documentation of reported and known incidents
Requirements
- Must Have: 2+ years of experience in IAM/IDM; expertise in JumpCloud and Google Workspace administration
- Identity Protocols: Deep understanding of SSO, SAML, OIDC, and SCIM provisioning
- Fintech Focus: Experience regulating central access for high-turnover environments and third-party vendors
- Technical Literacy: Ability to manage repository permissions and automate IAM
Benefits
Join us as we make magic happen to increase Indonesia's financial inclusion!
