Ready to change
the world through music?

Here’s just one of the many ways you can make that happen at Sonos.
Returning Candidate? Log back in!

Not ready to apply? Don't see the perfect job listed?

Talent Network

Senior Identity and Access Management Engineer (Seattle/Boston)

Department: Platforms and Infrastructure

Location: Boston, Santa Barbara, Seattle

Req#: 2689

Are you excited about the scale of millions of devices in millions of homes? Do you want to work on the cutting edge of IoT and rising wave of the connected home? Do you want to be part of the team that makes the magic happen in connecting the smartest speakers on the planet to streaming music services, voice services, and other devices in the home?

We are seeking a Senior Systems Engineer who will play a critical role in defining the future of Identity at Sonos. Someone who is focused on the future with the ability to ensure our services are designed with operations in mind; architected for high availability, and properly monitored.

In this role, you will draw upon a diverse set of technical expertise to deliver always-on, great experiences. Beyond your technical ability, you will also have an excellent combination of innate curiosity and root cause focus, cross-group collaboration skills, communication and negotiation skills, relationship building ability, and planning skills. You strive to maintain an unwavering focus on Quality of Service; executing with high accountability and have a drive to improve, evolve and revolutionize the systems you manage. You will have a sense of urgency to get things done efficiently, and you can do so independently as well as part of a team.  Key expertise of yours will include Active Directory, SAML, oAuth, troubleshooting and debug skills, cloud computing, DevOps tooling, coding/scripting, and infrastructure engineering to deliver always-on, great experiences.

About You

Our band is large. And while there’s plenty of room for all kinds of personalities and skill sets to succeed, there are certain qualities that will help you thrive here.

Like a never-accept-less work ethic. An exceptionally low ego-to-talent ratio (none of the first, tons of the latter). A relentless craving to push past your limits and try new things. The smarts and the humble confidence to take on big challenges, make mistakes fast and early, embrace tough feedback, then recover quickly with fresh, startlingly perfect solutions. A fearless willingness to defend great work. And a tendency to totally geek out on music.

If this sounds like you, read on and let’s connect soon.

What You’ll Do

You will build and run our Identity & Authentication services making sure they are future proof and experience led. These include Microsoft Active Directory, Okta, Duo and Radius platforms.


  • Design, develop and implement connectors and technical components for authentication, authorization and identity provisioning to provide automated onboarding and off boarding.
  • Define the service architecture and security.
  • Ensure the failure modes are well understood, and the right instrumentation and telemetry is included for monitoring and alerting.


  • Measure and optimize the service: tune alerts, right-size capacity, identify availability, performance, and security opportunities.
  • Perform root cause analysis, use data to identify the scope and scale of impact.
  • Create stories and build automation to prevent problem recurrence.
  • Drive requirements as needed for feature growth.

Skills You’ll Need

  • Undergraduate degree in CS, a related technical field, or commensurate related work experience.
  • Decisive, action-oriented individual who takes ownership of open issues and can drive to a solution set.
  • Expertise in designing, analyzing and troubleshooting IAM systems.
  • Understanding of DevOps methodologies and how to apply them to Identity platforms.
  • 5+ years’ experience in designing, building, and supporting Active Directory Directory Services solutions/environments.
  • 2+ years’ experience hybrid environments including supporting AD Azure and DirSync / Azure AD Connect.
  • 3+ years’ experience with Okta, OneLogin, PingIdenity or other SSO (SAML/oAuth/etc) Provider, preferably with provisioning into 3rd party SAAS applications.
  • 3+ years as a systems engineer experienced in a highly-available production environment. 
  • 1+ year of experience with MFA.
  • In depth knowledge of PKI elements such as X.509 certificates, PKI Elements and Hierarchy, Trust Models, Cross Certification, etc.
  • Ability to build and design PKI in a complex environment.
  • Scripting proficiency in powershell.  Plus: Former experience as a developer programming in Java, C, C# etc.
  • Knowledge application federation and provisioning including Box, Salesforce, Office 365, Slack, Confluence, Jira, and ZenDesk.                                                   
  • Service monitoring and alerting expertise;
  • Radius Experience preferred.
  • Networking and security experience preferred.
  • Scrum/Agile Methodology experience.
  • Passion for music!
How to Audition

If this looks like a good fit to you, please apply.  If there is a strong match, you’ll be invited for a phone interview with one of our recruiters. 

More About Our Band

In 2002, we set out to reinvent home audio for the digital age. Our mission–to fill every home with amazing sounding music. Yes, it was an ambitious goal. Challenging, too. And that hasn’t changed.

Since those early days, we’ve remained tirelessly focused on finding innovative ways to make listening out loud, with friends and loved ones, the truly transformative experience it should be. We’ve seen our vision capture the imaginations of music lovers in more than 60 countries, as we’ve continued to introduce products, software, and technologies that help people share the songs they love, discover new music they never knew existed, and experience richer, more musical lives.

At Sonos, we are building a team with extraordinary talent to help us fill every home with music. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.