Company Profile:
At CAVA we make it deliciously simple to eat well and feel good every day. We are guided by a Mediterranean heritage that’s been perfecting how to eat and live for four thousand years. We prioritize authenticity, curiosity and the pursuit of excellence in everything we do. We are working towards something big, together.

We foster a culture built on five core values: 

• Generosity First, Always: We lead with kindness. Our best work happens when we act in service of others. 
• Constant Curiosity: We are eager to learn, grow, and explore beyond the obvious. 
• Act with Agility: We welcome change; it’s the only constant. We embrace, adjust, adapt. 
• Passion for Positivity: We greet each day with warmth and possibility. 
• Collective Ambition: We have high aspirations that are achieved when we work together with a shared purpose. 

Lead Identity and Access Management Engineer

As the Lead Identity and Access Management (IAM) Engineer, you will ensure the success of our identity program, manage delivery of new capabilities, and manage the processes and systems that reduce user access friction, reduce risk, and ensure compliance. You will partner with other teams to build a robust IAM infrastructure, manage onboarding of new systems, build compliant processes, and maintain our current systems. This role will lead the IAM roadmap and drive successful implementation of new capabilities.

What You’ll Do:

• Be the CAVA subject matter expert on Identity and Access Management services including directory, privileged access management, single sign-on, secrets management, and identity governance and administration
• Participate in the development and maintenance of IAM policies and standards reflecting industry best practices
• Create compliant IAM procedures in alignment with best practices and CAVA requirements
• Design and deliver multi-year Identity and Access Management roadmap
• Develop and maintain role-based access control (RBAC) strategies and automated processes to reflect changing organizational needs
• Create and maintain detailed documentation of IAM configurations and procedures, ensuring accessibility to relevant teams
• Develop and implement user access governance automation
• Continuously monitor and refine user onboarding/offboarding procedures to align with evolving organizational needs
• Collaborate with technology and business teams to define user access requirements and workflows and automate user provisioning/deprovisioning tasks to enhance onboarding efficiency
• Collaborate with internal and external audit teams to facilitate IAM audit processes
• Enable regular user audits and assist with user access reviews
• Lead analytics and automation program to identify IAM risks and improve IAM processes, data, and integrations
• Drive process improvement initiatives with stakeholders to increase scalability, accountability, and maturity
• Conduct user access training sessions to ensure smooth processes

The Qualifications:

• Multiple years of success serving in an IAM role
• Advanced understanding of IAM business processes, information technology general controls, security, and standards
• Experience engineering and designing Identity and Access Management platforms, solutions, and services
• Expertise in Identity and Access Management principles, processes, and technology solutions
• Knowledge in various aspects of IAM, including multi-factor authentication, passwordless, Identity federation, privileged access management, user provisioning/deprovisioning, single sign-on, access certifications, identity analytics, and role-based access control
• Experience reviewing user access governance against formal security and control frameworks
• IAM experience and expertise in a SAAS and cloud environment
• Ability to influence and effectively communicate with all levels of management and across business functions
• Ability to effectively prioritize tasks in a fast-paced environment
• Occasional Travel 
• Bachelor's degree in a technical field, or equivalent practical experience
• Restaurant or retail IAM experience in a publicly traded company a plus

Physical Requirements:

• Ability to maintain stationary position to be able to operate a computer and other office equipment
• Must be able to identify, analyze and assess details
• For certain positions, must be able to occasionally move or transport items up to 50 pounds
• Ability to communicate with others and exchange information accurately and effectively
• Constantly positions self and move about to support ordinary restaurant or food production support or office operations, as applicable
• Ability to work in a constant state of alertness and in a safe manner  

What we offer:

• Competitive salary, plus bonus and long-term incentives*
• Next day pay!
• Unlimited PTO, paid parental leave, plus paid opportunities to give back to the community
• Health, Dental, Vision, Telemedicine, Pet Insurance plus more!
• 401k enrollment with CAVA contribution
• Company-paid STD, LTD, Life and AD&D coverage for salaried positions*
• Free CAVA food
• Casual work environment
• The opportunity to be on the ground floor of a rapidly growing brand

*Indicates qualifying eligible positions only

CAVA – Joining “A culture, not a concept”
As an equal opportunity employer, CAVA considers applicants for all positions without regard to race, color, sex, religion, national origin, disability, age, height, weight, marital status, sexual orientation, familial status, genetic information or any other characteristic or protected classes as defined by federal, state, or local law.