Principal IAM Engineer

JOB REQUIREMENTS: What's the role? The Principal IAM Engineer is thesenior technical authority for identity services, responsible fordesigning, implementing, and governing enterprise-wide IAM capabilitiesacross workforce, partner, and customer identities. This role combinesdeep hands-on engineering with architecture and leadership, driving themodernization of authentication, authorization, identity lifecycle, andprivileged access controls across our cloud and on-prem environments.Key Responsibilities: Own the endtoend technical design of IAM services,including identity lifecycle management, authentication, authorization,SSO, and privileged access controls, ensuring they are secure, scalable,and highly available. Lead design and implementation of IAM integrationsfor SaaS, onprem, and AWS cloud platforms, including federation (SAML,OIDC, OAuth), MFA, and Passwordless capabilities. Serve as the primaryescalation point for complex IAM engineering issues; perform rootcauseanalysis and drive longterm remediation and hardening of IAM platformsand related services. Partner with security architecture,infrastructure, application, and HR/IT teams to align IAM solutions withenterprise security strategy, compliance obligations, and businessobjectives. Define IAM engineering standards, patterns, and referencearchitectures; guide other engineers in implementing secure onboardingpatterns for applications into IGA, PAM, and SSO platforms. Leadmodernization initiatives. Contribute to audits, risk assessments, andregulatory reviews by providing technical evidence, designingcompensating controls, and closing identified IAM control gaps. Mentorand coach IAM engineers and analysts, promoting engineering excellence,documentation discipline, and a culture of continuous learning andimprovement. Bring your best What this role needs: 10+ years ofexperience in information security or infrastructure engineering, withat least 5 years of hands-on-keyboard experience with core IAMplatforms. Deep expertise with the majority of our IAM stack Stronghands-on experience with Microsoft Entra ID and Active Directory asfoundational directory services, and extensive experience implementingfederation protocols (SAML, OIDC, OAuth2). Proven track record designingand implementing IAM solutions in hybrid multi-cloud environments,including the automation of provisioning, access reviews, and RBAC/ABACmodels. Experience with secrets management solutions. Proficiency in atleast one scripting or programming language (such as PowerShell, Python,or Java) to automate tasks and build custom connectors for our IAMtools. Excellent communication skills with the ability to translatecomplex technical concepts related to our IAM ecosystem for bothtechnical and non-technical stakeholders. Exceptional sense of ownershipand the ability to work with a limited set of... For full info followapplication link. EEO/AA Employer/Vets/Disability APPLICATIONINSTRUCTIONS: Apply Online: ipc.us/t/FCE19C3D5DD940A9 Qualified females,minorities, and special disabled veterans and other veterans areencouraged to apply.

Created: 2025-12-25