Trimble Inc. is a global technology company that connects the physical and digital worlds, transforming the ways work gets done. They are seeking a Lead Product Manager for their Identity and Access Management platform to own the strategy and execution of user access management across their global ecosystem.
Responsibilities:
- Own the concept of 'Organizations' within our product — the logical grouping of users, teams, settings, and resources under a single enterprise tenant
- Contribute to the hierarchy model for organizations, including support for nested sub-organizations, delegated administration, and per-org policy overrides
- Manage the experience for org-level IAM configuration: domain verification and claiming, enforced SSO, member join flows, and seat management
- Ensure that organization-scoped roles and permissions are clearly modeled and consistently enforced across all product surfaces
- SCIM (System for Cross-domain Identity Management): lead product management for SCIM 2.0 support, enabling enterprise customers to automate user provisioning and deprovisioning from their identity providers (IdPs) directly into our platform
- Define the data model and API contracts for SCIM endpoints, including support for Users, Groups, and custom schemas
- Work with engineering to ensure robust sync reliability, conflict resolution, and real-time de-provisioning to uphold security standards
- Create documentation, guides, and onboarding flows that make SCIM setup seamless for IT administrators
- Leverage your deep IAM experience to drive requirements for integrating with a wide variety of directories from on-prem Active Directory through Entra ID, Okta, Auth0, and more
- Ensure our platform supports mixed environments where customers operate both on-premises and cloud-based directories simultaneously
- Work cross-functionally to define how directory attributes map to roles, permissions, and organizational structures within our system
- Lead and contribute to the larger group product strategy for identity federation, including support for SAML 2.0 and OIDC/OAuth 2.0 based SSO integrations with major identity providers such as Microsoft Entra ID and Google Workspace
- Assist in the definition and refinement of the SP-initiated and IdP-initiated login flows, Just-In-Time (JIT) provisioning, and attribute mapping configuration experience
- Ensure our federation implementation supports advanced enterprise requirements such as signed assertions, encrypted tokens, and custom claim mappings
- Define and own the multi-year roadmap for IAM capabilities, including authorization and provisioning
- Architect a strategy for uniform access management that eliminates fragmented authorization patterns, empowering developers to integrate workflows across products seamlessly and securely
- Partner with enterprise sales and customer success to identify and prioritize the IAM features that drive adoption and expansion
- Balance strategic platform investments with near-term customer needs, communicating trade-offs clearly to stakeholders
- Write detailed product requirements documents (PRDs) and user stories that give engineering clear acceptance criteria
- Collaborate with security, legal, and compliance teams to ensure our IAM features meet SOC 2, ISO 27001, and applicable data residency requirements
- Define and track key metrics for IAM feature adoption, SSO coverage, SCIM sync reliability, and provisioning error rates
Requirements:
- 5+ years of product management experience with a deep focus on IAM, developer infrastructure, or enterprise SaaS
- Expert-level knowledge of identity protocols including SCIM 2.0, SAML 2.0, OIDC, and OAuth 2.0
- Proven track record of defining complex multi-tenancy models and Organization structures for enterprise scale
- Technical fluency in defining API documentation, authentication flows, and system architecture diagrams
- Experience building enterprise-grade IAM from the ground up or working with providers like Okta and Google Workspace
- Knowledge of Zero Trust architecture principles or Privileged Access Management (PAM)
- Professional security certifications such as CIAM or CISSP