Sr. Principal IAM Security Engineer

Job Requisition ID # 26WD96445 Position Overview Autodesku2019s Cyber Defense team is looking for aSr. Principal IAM Security Engineerto lead the strategy and execution for modern Identity and Access Management across human and non-human identities, including service accounts, workloads, secrets-backed identities, federated identities, and emerging AI/agentic identity patterns. Youu2019ll design and drive scalable, secure-by-default identity guardrails for workforce and platform/product environments, enabling engineering teams to move fast while reducing systemic identity risk. Youu2019ll lead key initiatives such asZero Trust enforcement,Non-Human Identity (NHI) governance, IAM Threat Management andautomation of identity workflows, while working across multiple business units to align platforms, reduce risk, and build seamless access experiences. Key Responsibilities _Identity_ _S_ _trategy_ _& Governance_ + Define the enterprise and platform IAMstrategyfor human identities, NHI, and AI/agent identities, including lifecycle, authentication, authorization, and auditing standards + Establish identity reference architectures, patterns, and paved roads for product teams and internal engineering _Non-human Identity Security (Enterprise + Platform)_ + Build and operationalize controls for service identities, workload identities, API identities, bots, and automation accounts across cloud, CI/CD, and runtime environments + Drive adoption of short-lived, federated credentials wherefeasible; reduce static secrets and unmanaged service accounts + Implement lifecycle governance for NHI: creation standards, ownership, rotation/attestation, inactivity reaping, and incident response playbooks _AI / Agentic Identity Enablement_ + Define secure patterns for AI acting on behalf of users or services, including delegated authorization, scoped tokens, and least-privilege access models + Partner with AI platform teams to implement guardrails: identity provenance, policy enforcement, auditing, and kill-switch mechanisms for misbehaving agents + Ensure AI identity behaviors are measurable and governable (logging, traceability, approvals for sensitive actions, segmentation of duties) _Authorization, Policy, and Access modeling_ + Build/standardize authorization models (RBAC/ABAC/ReBAC asappropriate)across workforce and product systems + Drive consistentpolicy ascode, access reviews, and privileged access workflows + Define standards for token scopes, claims, session constraints, step-up auth, and sensitive action protections _Operational Excellence & Incident Readiness_ + Improve detection/response for identity threats: anomalous token use, privilege escalation, credential misuse, service-account sprawl. + Create metrics and reporting for identity posture and platform adoption (coverage, drift, exceptions, time-to-remediate) + Lead identity-related investigations and post-incident improvements Leadership & influence + Serve as a senior technical leader influencing engineering orgs, platform teams, and security; mentor others and raise the bar on identity engineering + Translate risk into pragmatic engineering requirements; drive roadmaps across multiple teams Minimum Qualifications + 10+ years in IAM / security engineering, including designing identity architectures at enterprise scale + Proven experience securing non-human identities across cloud, CI/CD, and production runtimes + Deep knowledge of auth standards: OAuth2, OIDC, SAML, JWT, token exchange, federation, and modern workload identity patterns + Strong authorization design experience: modeling permissions, least privilege, policy enforcement, and access governance + Experience designing or securing systems where software agents act on behalf of users/services (delegation, impersonation, tool access, constrained execution) + Ability to define guardrails for agentic actions: approval gates, scoped permissions, auditable trails, and containment strategies + Strong software engineering fundamentals (APIs, distributed systems, logging/telemetry); ability to review designs and code + Experience with cloud IAM ecosystems and platform primitives (identity federation, workload identity,secretlesspatterns, KMS/HSM integration) + Experience building identity u201cpaved roadsu201d and internal developer platforms (IDP) patterns for identity + Experience with privileged access management and tiering models for admin access + Familiarity with CI/CD identity, signing, and provenance controls (build identities, artifact trust, token hardening) + Drives measurable risk reduction and adoption across orgs + Sets standards others follow;resolvesambiguous identity problems; leads through influence Learn More About Autodesk Welcome to Autodesk Amazing things are created every day with our software u2013 from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made. We take great pride in our culture here at Autodesk u2013 itu2019s at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world. When youu2019re an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us Benefits From health and financial benefits to time away and everyday wellness, we give Autodeskers the best, so they can do their best work. Learn more about our benefits in the U.S. by visiting Salary transparency Salary is one part of Autodesku2019s competitive compensation package. For U.S.-based roles, we expect a starting base salary between $153,000 and $273,460. Offers are based on the candidateu2019s experience and geographic location, and may exceed this range. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package. Equal Employment Opportunity At Autodesk, we're building a diverse workplace and an inclusive culture to give more people the chance to imagine, design, and make a better world. Autodesk is proud to be an equal opportunity employer and considers all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender, gender identity, national origin, disability, veteran status or any other legally protected characteristic. We also consider for employment all qualified applicants regardless of criminal histories, consistent with applicable law. Diversity & Belonging We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here: Are you an existing contractor or consultant with Autodesk? Please search for open jobs and apply internally (not on this external site).

Created: 2026-03-25