Software Engineer - Identity & Access

Location: Global

Team: General

About the Role

Wise is a global technology company on a mission to build the best way to move and manage the world’s money with min fees, max ease, and full speed. As a Software Engineer in Identity & Access, you’ll ensure our IAM systems are secure, scalable, and user-friendly, partnering with Security and teams across Wise to support global operations and eliminate money movement obstacles. You’ll design identity lifecycles, manage Okta integrations, automate workflows, and drive improvements through code and collaboration. Your role involves hands-on engineering with Okta, Python automation, modern auth standards like SAML and OIDC, and access governance at scale. You’ll respond to incidents, support audits, create documentation, and enable Support teams worldwide. With an ownership mindset and strong problem-solving, you’ll help Wise maintain best-practice security while scaling for everyone, everywhere. Join a diverse, inclusive team that values impact over years of experience, and contribute to a borderless financial network used by millions.

Key Responsibilities

• Design, implement, and operate identity lifecycle and access governance (IAG): joiner/mover/leaver, role-based access control (RBAC) and least privilege, access reviews and certifications
• Administer Okta as our identity provider (IdP) and manage third-party integrations using both out-of-the-box features and custom work, including SSO via SAML and OIDC/OAuth2, and provisioning via SCIM
• Build automation and internal tooling (Python preferred) to improve process efficiency and reduce manual work
• Define and maintain policies for MFA, device posture, and conditional access; ensure authentication and authorisation follow best practice
• Collaborate with Security on incident response and investigations; support audits and evidence collection related to access management
• Create and maintain clear documentation, runbooks, and diagrams; participate in disaster recovery (DR) planning and exercises
• Propose and implement improvements, modify configurations, and update internal tools through code review, change control, and CI/CD
• Enable Support teams globally with training, playbooks, and tooling; act as an escalation point for complex issues

Required Qualifications

• Proficiency in at least one programming language and scripting (Python preferred) to automate IAM workflows and integrations
• Hands-on experience with an enterprise IdP (Okta preferred) and modern authentication/authorisation standards (SAML, OIDC/OAuth2, SCIM)
• Experience operating IAM at scale, including lifecycle automation and access governance
• Strong communicator who can drive cross-team projects, ask the right questions, and bring work to completion
• Ownership mindset, curiosity, and a problem-solving approach
• Typically 3+ years of relevant IAM/IT engineering experience, or equivalent practical experience

Preferred Qualifications

• DevOps practices (Git, CI/CD, observability) and infrastructure as code (e.g., Terraform); configuration as code for identity systems
• Low/no-code automation platforms (e.g., Okta Workflows, Workato, Zapier) and iPaaS patterns
• Privileged access management (PAM) and secrets management
• Experience with audits and compliance frameworks (e.g., ISO 27001, SOC 2, SOX)
• Relevant certifications

Required Skills

• Python scripting and automation
• Okta administration
• SAML, OIDC/OAuth2, SCIM protocols
• Identity lifecycle management (joiner/mover/leaver)
• Role-based access control (RBAC) and least privilege
• Access reviews and certifications
• MFA and conditional access policies
• Incident response and audit support
• Cross-team collaboration and communication
• Documentation and disaster recovery planning

Benefits

• RSUs (stock options)
• Flexible working
• Parental leave
• Learning budget
• Paid sabbatical after 4 years
• Health insurance
• Company retreat
• Wise card

Wise is an equal opportunity employer committed to building a diverse workforce.