Principal Architect- User Identity and Access

We’re looking for a Principal Architect, User Identity and Access to join Procore’s User Identity and Access Management (UIAM) team. Bridging the needs of materials suppliers, course of construction activities, financial relationships, legal sovereignty, and the many types of stakeholders and verticals, the construction industry has uniquely demanding authorization and authentication requirements. To meet that need, this is both an architectural and technical role, and as such requires high business acumen coupled with deep technical knowledge of identity management products and systems design principles.  In this role, you’ll have the unique opportunity to drive the next generation of UIAM initiatives in our global SaaS infrastructure, working with our dedicated and talented team spanning Engineering, Product Management, UX and Architects to create and scale the next generation Procore experience.

As a Principal IAM Architect, you will be primarily responsible for establishing the strategic technical direction, creating reference patterns, and will be additionally responsible for actively driving the effective execution of that strategy for one of Procore’s core product areas. This is a great opportunity to use your leadership, interpersonal, and organizational skills to build highly effective systems and practices, foster collaborative relationships, and measure value delivered to our customers.

This position has the opportunity to be located in the Austin, TX office.  We’re looking for someone to join our team immediately.

What you’ll do:

• Develop and oversee IAM platform strategy and architecture at scale, policies, and technologies for user identities, authentication, authorization, account protection, and access controls.

• Collaborate with cross-functional teams and senior leaders to align IAM strategies with business goals, ensuring scalability and interoperability across platforms.

• Evaluate and recommend IAM tools and technologies, and develop reference patterns and roadmaps for IAM domains.

• Hands-on development and code reviews for a robust and secure Identity and Access Management (IAM) framework to protect digital assets and ensure efficient user access.

• Manage customer onboarding and offboarding workflows, design authentication mechanisms like multi-factor authentication (MFA), single sign-on (SSO), and establish authorization frameworks and access policies utilizing FGA.

• Assess IAM-related risks, respond to security incidents, and integrate IAM solutions with applications, directories, and cloud services.

• Work with development teams to incorporate IAM considerations in application design and maintain comprehensive IAM documentation.

• Stay informed on emerging IAM trends and recommend innovative solutions to enhance security and user experience.

• Build internal and external influence in the Engineering community, maintaining technology strategies aligned with corporate and product strategies.

What we’re looking for:

• Bachelors or Masters Degree in Computer Science, a related field, or comparable work experience

• 15+ years experience in software engineering, Test Driven Development, Design principles and Distributed Architectures.

• Expertise in Identity and Access Management at large global scale for SaaS enterprise, including authentication, authorization, privacy and consent management, regulatory compliance, multi-factor authentication, federation, and risk management.

• Proficiency in authentication standards, frameworks, lifecycle management, tokens, session management and profiles, federation technologies (SAML, OAUTH, OpenID Connect) as well as customer identity and access management platforms like Okta, Auth0, Ping Identity.

• Proficiency with authorization standards such as RBAC, JWT, MFA, ABAC, but most specifically FGA (Fine Grained Authorization) utilizing Zanzibar. 

• Effective communication skills  to influence key stakeholders across the enterprise, at all levels of the organization and promote a culture of engineering excellence and being well-managed, using opportunities to reuse and innersource solutions where possible.

• Demonstrated ability to influence and drive change within the organization, promoting innovation and continuous improvement

• Being comfortable with the overall responsibility and accountability to create, and maintain a technical strategy and execution plan

• Driven operational transformation through automation and continuous process improvements

• Proven track record of distilling ambiguity to clarity and direction

Base Pay Range $255,840 - $351,780. Eligible for Bonus Incentive Compensation. Eligible for Equity Compensation. Procore is committed to offering competitive, fair, and commensurate compensation, and has provided an estimated pay range for this role. Actual compensation will be based on a candidate’s job-related skills, experience, education or training, and location.

Perks & Benefits

At Procore, we invest in our employees and provide a full range of benefits and perks to help you grow and thrive. From generous paid time off and healthcare coverage to career enrichment and development programs, learn more details about what we offer and how we empower you to be your best.

About Us

Procore Technologies is building the software that builds the world. We provide cloud-based construction management software that helps clients more efficiently build skyscrapers, hospitals, retail centers, airports, housing complexes, and more. At Procore, we have worked hard to create and maintain a culture where you can own your work and are encouraged and given resources to try new ideas. Check us out on Glassdoor to see what others are saying about working at Procore.

We are an equal-opportunity employer and welcome builders of all backgrounds. We thrive in a dynamic and inclusive environment. We do not tolerate discrimination against candidates or employees on the basis of gender, sex, national origin, civil status, family status, sexual orientation, religion, age, disability, race, traveler community, status as a protected veteran or any other classification protected by law.

If you'd like to stay in touch and be the first to hear about new roles at Procore, join our Talent Community.

Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact our benefits team here to discuss reasonable accommodations.

For Los Angeles County (unincorporated) Candidates:

Procore will consider for employment all qualified applicants, including those with arrest or conviction records, in accordance with the requirements of applicable federal, state, and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act.

A criminal history may have a direct, adverse, and negative relationship on the following job duties, potentially resulting in the withdrawal of the conditional offer of employment: 1. appropriately managing, accessing, and handling confidential information including proprietary and trade secret information, as well as accessing Procore's information technology systems and platforms; 2. interacting with and occasionally having unsupervised contact with internal/external customers, stakeholders, and/or colleagues; and 3. exercising sound judgment.