Identity and Access Management (IAM) Engineer
About Proton
Join Proton and build a better internet where privacy is the default
Proton was founded in 2014 by scientists from CERN on a simple truth: privacy is a fundamental human right. Since then, we’ve built the world’s largest encrypted email service (Proton Mail) and expanded into Proton VPN, Proton Drive, Proton Pass, and Proton Calendar—tools used by millions globally to protect their freedom, fight censorship, and keep their data safe. In some situations, Proton has literally helped save lives!
We are profitable, independent (no VC control), and selectively hire from the top ~1% of applicants. Our 700+ team members across 50+ countries come from leading organizations and elite academic backgrounds. We move fast, keep hierarchy light, and prioritize impact over optics. If you want to do meaningful work with exceptionally high-caliber people, this is it. Join us and do work you can truly be proud of. Check our open-source projects here!
Role Overview
The Identity and Access Management (IAM) Engineer will play a critical role in designing, implementing, and securing Proton's core internal identity infrastructure. As we scale globally, maintaining robust access controls and seamless identity governance is paramount to safeguarding our systems and supporting our growing team across Europe and beyond.
This role bridges modern system engineering, security architecture, and identity lifecycle automation. Sitting within our technical infrastructure and security ecosystem, you will take ownership of our core IAM stack, which leverages a strong foundation of self-hosted, open-source technologies (e.g., Keycloak and midPoint) alongside key enterprise solutions like Duo. You will collaborate closely with cross-functional teams to integrate identity solutions into existing architectures, automate operational workflows, and design Proton-specific access models that strike the perfect balance between strict zero-trust security and team velocity.
What you will do
IAM Architecture & Implementation
- Design, implement, integrate, and maintain Proton’s core IAM solutions, ensuring high availability, security, and scalability.
- Manage and maintain systems and applications built on self-hosted and open-source environments.
- Collaborate closely with cross-functional engineering teams to integrate the IAM platform seamlessly into our existing infrastructure and internal tools.
User Lifecycle & Governance
- Develop, implement, and maintain secure automated processes for user provisioning, de-provisioning, and overall account lifecycle management to ensure seamless onboarding and offboarding.
- Design and manage identity governance processes to ensure proper management of user access rights, entitlements, and strict alignment with organizational compliance standards.
- Conduct regular audits, assessments, and access re-certification campaigns to proactively discover and remediate access anomalies.
Authentication & Access Control
- Configure, optimize, and manage access control, authentication, and authorization mechanisms.
- Develop and enforce granular policies for identity and access management in alignment with organizational security goals.
- Support, maintain, and contribute to specialized infrastructure projects.
Automation & Systems Engineering
- Leverage your scripting and automation expertise to eliminate operational toil and streamline identity workflows.
- Write high-quality, maintainable code for infrastructure automation and configuration management.
Job requirements
- Proven experience as an IAM Engineer with a deep focus on identity management within a production environment.
- Strong, hands-on experience working with open-source IAM solutions (e.g., FreeIPA, Keycloak, midPoint).
- Deep technical understanding of core identity protocols and standards, specifically LDAP, SAML, OAuth, and OIDC.
- Strong proficiency in scripting languages (e.g., Python, Bash) for automation, integration, and tooling tasks.
- Solid background in system engineering, particularly with managing, deploying, and maintaining complex self-hosted solutions.
- Ability to adapt quickly in a fast-paced environment.
- Strong communication and interpersonal skills, with a proven track record of collaborating effectively across engineering and non-engineering teams.
Preferred qualifications
- Advanced proficiency in implementing, configuring, and maintaining midPoint.
- Hands-on experience with configuration management and infrastructure-as-code tools (such as Ansible, Puppet).
- Prior experience managing identity governance frameworks, including compliance reporting and access re-certification campaigns.
- Relevant industry certifications in IAM-related technologies (e.g., CIDPRO certification).
Success in This Role
- Proton’s identity lifecycle processes (onboarding, offboarding, and transitions) become fully automated, secure, and seamless.
- Internal open-source IAM solutions are robustly engineered, highly available, and perfectly integrated across our infrastructure.
- Identity governance and re-certification campaigns are managed effectively with minimal manual overhead and clear auditability.
- Authentication mechanisms and access controls are optimized to enforce strict security baselines without breaking organizational agility.
What We Offer
Work that Matters: millions of people trust Proton with their privacy. We answer only to our users — not advertisers, not investors with conflicting agendas, not governments. The work you do here is real, and the impact is measurable. (read more about our impact here)
Stock Options: at Proton, we all have the opportunity to be owners of the company. From day one, you have a real stake in what we're building. When Proton wins, you win.
Technology: you'll get the right hardware and the right software you need to do your best work.
Learning & Development: we invest in your growth because sharp people make us better. Proton is one of the fastest ways to accelerate your career because you'll be thrown into real challenges, with real ownership, from day one.
Employee Benefits: your wellbeing isn't an afterthought. We offer strong health coverage, solid retirement options, generous leave, and wellness support so you can bring your best self to work every day.
In-Person Collaboration: Amazing things happen when passionate, smart, and purposeful people get together in the same room. With offices across Geneva, Zürich, Barcelona, London and more, you'll spend most of your time collaborating face-to-face with people who genuinely care about what they're building.
Food: Lunch and snacks are on us every day in our offices so you can focus on the work and not on what's for lunch.
Transport: getting to the office shouldn't cost you. We cover public transport, bike allowances, or parking, whichever works for you.
Flexible Working: you own your schedule. Set hours that work for you and your team — because outcomes matter more than when the clock says you started.
Our Commitment to Diversity and Inclusion
At Proton, we believe diversity drives innovation and strengthens our mission to provide privacy as a default for all. We are committed to fostering an inclusive environment where all individuals, regardless of race, ethnicity, gender, age, sexual orientation, physical ability, or socio-economic background, feel valued and empowered. We strive to create equal opportunities, promote open dialogue, and support continuous learning to ensure every voice is heard and respected.
If you need any extra support or reasonable adjustments during the hiring process, please let your talent partner know.
Candidate Privacy Notice
When you apply for a position, refer a candidate, or are considered for a role at Proton Technologies AG (Proton, we, us, or our), your information is stored in Greenhouse, in accordance with their Service Privacy Policy. This information is used to evaluate your suitability for the posted position. We also retain this information for consideration for future roles that you may apply for or that we believe may align with your background and skills.
If we no longer have a legitimate business need to process your information, we will either delete or anonymize it. Should you have any inquiries about how we use or manage your information, or if you wish to access, correct, or delete your data, please contact our privacy team at [email protected].
Proton does not accept unsolicited resumes from any sources other than directly from candidates. We will not pay a fee for any placement resulting from an unsolicited offer, even if the candidate is subsequently hired by Proton.
To learn more about our privacy policy, please visit our privacy policy page.
Compensation range
Paris: 53.000 - 80.000 gross annually*
Other locations: Compensation will be discussed during the interview process
*Final compensation will be determined based on the candidate's qualifications, skills, and previous experience
Job Details
Salary: €53,000 – €80,000/yr (fr)
Experience: Mid