Lead the strategy and execution for modern Identity and Access Management
Design and drive scalable, secure-by-default identity guardrails for workforce and platform/product environments
Lead key initiatives such as Zero Trust enforcement, Non-Human Identity (NHI) governance, IAM Threat Management and automation of identity workflows
Define the enterprise and platform IAM strategy for human identities, NHI, and AI/agent identities
Establish identity reference architectures, patterns, and paved roads for product teams and internal engineering
Build and operationalize controls for service identities, workload identities, API identities, bots, and automation accounts across cloud, CI/CD, and runtime environments
Drive adoption of short-lived, federated credentials where feasible; reduce static secrets and unmanaged service accounts
Implement lifecycle governance for NHI: creation standards, ownership, rotation/attestation, inactivity reaping, and incident response playbooks
Define secure patterns for AI acting on behalf of users or services
Partner with AI platform teams to implement guardrails: identity provenance, policy enforcement, auditing, and kill-switch mechanisms for misbehaving agents
Ensure AI identity behaviors are measurable and governable (logging, traceability, approvals for sensitive actions, segmentation of duties)
Build/standardize authorization models (RBAC/ABAC/ReBAC as appropriate) across workforce and product systems
Drive consistent policy as code, access reviews, and privileged access workflows
Define standards for token scopes, claims, session constraints, step-up auth, and sensitive action protections
Improve detection/response for identity threats: anomalous token use, privilege escalation, credential misuse, service-account sprawl
Create metrics and reporting for identity posture and platform adoption

Requirements

10+ years in IAM / security engineering, including designing identity architectures at enterprise scale
Proven experience securing non-human identities across cloud, CI/CD, and production runtimes
Deep knowledge of auth standards: OAuth2, OIDC, SAML, JWT, token exchange, federation, and modern workload identity patterns
Strong authorization design experience: modeling permissions, least privilege, policy enforcement, and access governance
Experience designing or securing systems where software agents act on behalf of users/services (delegation, impersonation, tool access, constrained execution)
Ability to define guardrails for agentic actions: approval gates, scoped permissions, auditable trails, and containment strategies
Strong software engineering fundamentals (APIs, distributed systems, logging/telemetry); ability to review designs and code
Experience with cloud IAM ecosystems and platform primitives (identity federation, workload identity, secretless patterns, KMS/HSM integration)
Experience building identity “paved roads” and internal developer platforms (IDP) patterns for identity
Experience with privileged access management and tiering models for admin access
Familiarity with CI/CD identity, signing, and provenance controls (build identities, artifact trust, token hardening)
Drives measurable risk reduction and adoption across orgs
Sets standards others follow; resolves ambiguous identity problems; leads through influence.

Benefits

health and financial benefits
time away
everyday wellness

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Identity and Access Management (IAM)Zero TrustNon-Human Identity (NHI) governanceIAM Threat ManagementRBACABACReBACOAuth2OIDCSAML

Soft Skills

leadershipstrategic thinkingproblem-solvinginfluencecommunicationcollaborationpolicy enforcementrisk managementgovernancedesign review