
Assistant Director, IT Cloud and Identity Engineer
Scorpion Therapeutics, Carlsbad, California, United States, 92002
Role Summary
This Senior Engineer–level individual contributor provides technical leadership for cloud and identity platforms and drives modern infrastructure operations. The primary responsibility is to lead cloud engineering across Azure and AWS, manage enterprise identity and access with Okta, and support core infrastructure services for the broader environment. This role partners with IT security and application owners to tackle cross-functional challenges and deliver secure, scalable, and highly reliable services across the enterprise. This position will be on-site in Carlsbad, CA, with a flexible/hybrid schedule.
Responsibilities
Lead cloud engineering and operations for Azure (primary) and AWS (supporting), including platform administration, reliability, performance, and cost optimization.
Design, implement, and manage Azure subscriptions across multiple regions, with a strong focus on scalability, availability, and security.
Establish and maintain operational processes for monitoring, availability, incident response, and continuous service improvement.
Provide technical governance and oversight for Azure and AWS, ensuring alignment with enterprise architecture, security, and compliance standards.
Partner with Information Security to design and implement cloud security controls, including Identity Access Management (IAM), network segmentation, logging, monitoring, and audit readiness.
Collaborate with Information Security to design and enforce identity and access controls such as RBAC, conditional access, MFA, and privileged access management across cloud and enterprise applications.
Administer and enhance Okta workforce identity, including authentication, authorization, user lifecycle management, and access governance.
Ensure identity platforms are secure, scalable, and aligned with Zero Trust and enterprise access strategies.
Support core infrastructure services—including networking, wireless, email/collaboration, storage, backup/restore, and VMware—in partnership with the broader infrastructure team.
Partner with Data, Analytics, and Automation teams to ensure Azure data and analytics platforms (e.g., Azure Databricks) are designed, secured, and operated in alignment with enterprise cloud and identity standards.
Develop technical roadmaps for cloud and identity platforms, translating business and regulatory requirements into scalable, sustainable solutions.
Develop and maintain technical documentation, standards, and runbooks for cloud, identity, and core infrastructure platforms.
Act as a senior individual contributor and technical mentor, influencing infrastructure, security, and application teams and driving operational excellence across services.
Qualifications
Required: Bachelor’s degree in Computer Science, Information Systems, Engineering, or a related field, or equivalent work experience.
Required: 10+ years of progressive experience in cloud infrastructure, platform engineering, or related IT roles.
Required: 5+ years of hands-on experience with Microsoft Azure in an enterprise production environment.
Required: 3+ years of experience supporting identity and access management platforms such as Okta, Azure AD, or similar.
Required: Demonstrated experience defining cloud or identity architecture and technical standards.
Preferred: Experience working in regulated, security-conscious, or highly available environments.
Required: Senior-level, hands-on experience operating Microsoft Azure in an enterprise environment (networking, compute, storage, identity, and PaaS services).
Required: Working knowledge of AWS core services, security architecture, and the shared responsibility model to provide guidance and oversight in a multi-cloud environment.
Required: Enterprise experience administering Okta (or similar IdP) for workforce identity, including SSO integrations, lifecycle management, and access governance.
Required: Strong understanding of identity, authentication, authorization, RBAC, MFA, conditional access, and privileged access management across cloud and enterprise applications.
Required: Experience implementing cloud security controls such as IAM policies, encryption, logging, monitoring, and network security aligned to modern security/zero-trust practices.
Required: Solid foundation in core infrastructure: Windows Server and Active Directory (AD, DNS, DHCP, Group Policy), enterprise networking (routing, switching, VPNs, firewalls, load balancers, wireless), VMware virtualization, and storage/backup platforms.
Required: Experience supporting Azure-based data and analytics platforms (e.g., Azure Databricks, Synapse, data lakes).
Required: Experience with infrastructure-as-code or automation tools (e.g., Terraform, ARM, CloudFormation, CI/CD pipelines).
Required: Ability to define standards and reference architectures, document designs and runbooks, and drive adoption across infrastructure, security, and application teams.
Preferred: Experience supporting multi-cloud environments spanning Azure and AWS.
Preferred: Familiarity with cloud security frameworks, compliance standards, or audit readiness (e.g., SOX, SOC 2, ISO).
Preferred: Exposure to privileged access management (PAM), zero trust architectures, or advanced identity governance.
Preferred: Relevant certifications such as Microsoft Azure, AWS, or Okta certifications.
Preferred: Experience in life sciences, biotech, or other regulated industries.