WithMiraRemote IT finder
Instacart

Senior Corporate Engineer II

Remote IT role with clear candidate location fit.

PostedRecently added
Eligible countries3 accepted countries
Seniority signalSenior
Work settingRemote
Accepted candidate locations
CanadaMexicoUSA
AWSCI/CDPython
Role overview

Senior Corporate Engineer II

Requirements and responsibilities

Readable role content extracted into sections for faster review.

About the Job

  • Own the architecture, security, and day-to-day operations of our enterprise Okta tenant, including delivery of Okta Identity Governance (OIG), lifecycle management, SCIM provisioning, SSO integrations (SAML/OIDC), MFA, risk-based policies, and device trust.
  • Design and maintain Infrastructure-as-Code for identity and access using Terraform, building reusable modules, guardrails, and automated workflows integrated with HRIS and ITSM systems to achieve least-privilege and timely provisioning/deprovisioning.
  • Architect, operate, and continuously improve Instacart’s office network infrastructure (firewalls, routing/switching, wireless) across SF, NYC, and Toronto; drive zero-trust segmentation, observability, capacity planning, and vendor/partner management.
  • Lead and participate in incident response for identity and network events, drive rapid mitigation and root-cause analysis, and implement durable remediations through post-incident reviews and change management.
  • Standardize and execute certificate and key lifecycles for SAML/TLS across SaaS applications; eliminate manual toil with scripting and robust runbooks that increase reliability and auditability.
  • Partner with Security and Compliance to meet controls and audit needs (e.g., access reviews, evidence collection), improve access risk management, and unlock license savings via automated revocation and right-sizing.
  • Mentor teammates, elevate documentation and operational excellence, and help shape the roadmap by prioritizing high-impact work in a rapidly evolving environment.

Minimum Qualifications

  • 7+ years of experience in corporate IT engineering or a related field with a focus on identity and access management (IAM) and enterprise networking.
  • 3+ years of hands-on administration of Okta in production (1,000+ users), including SSO integrations (SAML/OIDC), SCIM provisioning, MFA, and policy design.
  • 2+ years implementing identity governance and automation using Okta Workflows, Okta Identity Governance (OIG), or an equivalent IGA platform.
  • Proficiency with Infrastructure-as-Code and automation: Terraform (required) and at least one scripting language (Python, Bash, or PowerShell).
  • Demonstrated experience planning and executing certificate rotations and key management for SAML/TLS across multiple SaaS applications.
  • Hands-on experience operating and troubleshooting office network infrastructure (switching, routing, wireless, firewalls) and VPN/zero-trust access using technologies such as Cisco/Meraki, Aruba, and Palo Alto.
  • Proven track record leading critical incidents and executing structured change management, including authoring runbooks and conducting post-incident reviews.
  • Working knowledge of endpoint management and device trust (e.g., Jamf, Kandji, Intune) and integrating device posture into access controls.
  • Bachelor’s degree in Computer Science, Engineering, Information Systems, or equivalent practical experience.
  • Located in Pacific or Mountain time zone required.

Preferred Qualifications

  • Okta certifications (Administrator, Professional, or Consultant) and/or networking/security certifications (e.g., CCNP, PCNSE).
  • Experience building Git-based CI/CD pipelines for identity and network automation (e.g., GitHub Actions, CircleCI) and implementing policy-as-code.
  • Familiarity with compliance frameworks and audits (SOX, SOC 2, ISO 27001) and hands-on experience running access reviews and evidence collection.
  • Experience administering Google Workspace and/or Microsoft 365 identity and security configurations at scale.
  • Exposure to secrets management and PKI (e.g., HashiCorp Vault, AWS KMS) and log/monitoring platforms (e.g., Datadog, Splunk).
  • Strong cross-functional communication skills and experience leading complex, multi-stakeholder projects from scoping through delivery.
Similar roles

Keep a backup shortlist.

Browse stack
AWS, Python 8 accepted countries
Senior DevOps EngineerFionet
Jun 4, 2026 WithMira apply
View role
Python Mexico
Senior Full Stack EngineerOpsvis
Jun 9, 2026 WithMira apply
View role
AWS Mexico
DevOps / Site Reliability EngineerMorgan Stanley
Jun 9, 2026 WithMira apply
View role
Python Mexico
Senior Full Stack EngineerIndeed
Jun 9, 2026 WithMira apply
View role
FocusITRole area
Seniority signalSeniorCandidate level
StackAWS, CI/CD, PythonPrimary skills
Location3 accepted countriesEligibility

Stack

Use these tags to compare similar remote roles.

AWSCI/CDPython

Location eligibility

Candidates should apply only when their profile country is listed here.

Your profileCountry not setSign in to check your country against this role.
CanadaMexicoUSA

Hiring flow

WithMira shows the role, then sends candidates to the company application.

1Check role fit, stack, and location eligibility in WithMira.
2Open the company application page from the tracked apply link.
3Save the role or subscribe for similar opportunities before leaving.
More roles open to CanadaMore roles open to MexicoMore roles open to USAMore AWS rolesMore CI/CD rolesMore Python roles
Apply on company siteCompany siteOpen link