Principal Security Engineer – IAM
Lennar
full-time
Posted on:
Location Type: Office
Location: Irving • Florida • Texas • United States
Visit company websiteExplore more
Job Level
About the role
- Define and lead the implementation of the organization’s security strategy, with a focus on Cloud Security, Identity Access Management, and all other aspects of Cybersecurity
- Architect and oversee the deployment of IAM solutions across both on-premise and cloud environments, ensuring they meet the highest standards of security
- Lead the most complex security assessments, including threat modeling, red teaming, and cloud security reviews
- Collaborate with executive leadership to ensure that security initiatives align with the organization’s strategic goals and risk appetite
- Act as the technical lead for large-scale security projects, coordinating cross-functional teams to ensure successful delivery
- Architect and implement solutions across workforce IAM, PAM, and customer IAM ecosystems
- Provide thought leadership in adopting passwordless authentication, passkeys, adaptive MFA, and AI-driven access orchestration strategies
- Engineer integrations with Agentic AI tools for intelligent decisioning, policy enforcement, and autonomous identity lifecycle operations.
- Develop and implement automated provisioning/deprovisioning workflows
- Ensure integration of IAM with cloud platforms (Azure, AWS, GCP) and SaaS applications
- Mentor and develop the skills of senior security engineers, fostering a culture of continuous improvement and innovation.
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, or a related discipline; Master’s degree is highly preferred
- Minimum of 10 years in security engineering, with significant expertise in Identity and Access Management (IAM)
- Demonstrated success in leading large-scale IAM initiatives and formulating security strategies for complex organizations
- Design and hands-on engineering across IAM: Identity Providers (such as Microsoft Entra ID, Okta, Ping, ForgeRock), Identity Governance & Administration (SailPoint, Saviynt), Privileged Access Management (CyberArk, Delinea, HashiCorp Vault), and Customer IAM (Auth0, PingOne—preferred)
- Deep understanding of federation protocols (SAML, OAuth2.0, OIDC), SCIM, and RESTful APIs
- Hands-on experience with Active Directory, LDAP, and cloud IAM solutions (Azure, AWS, GCP)
- Solid foundation in Zero Trust architecture and contemporary security standards
- Proficient in scripting and automation using PowerShell, Python, Java, or RESTful APIs
- Recognized industry certifications such as CISSP, CCSP, AWS Certified Security – Specialty, or equivalent credentials
- Exceptional leadership and communication abilities, capable of influencing executive decision-makers and directing cross-functional teams.
Benefits
- Health insurance plans, including Medical, Dental, and Vision coverage
- 401(k) Retirement Plan, complete with a $1 for $1 Company Match up to 5%
- Paid Parental Leave
- Associate Assistance Plan
- Education Assistance Program
- Up to $30,000 in Adoption Assistance
- Up to three weeks of vacation annually
- Generous Holiday, Sick Leave, and Personal Day policies
- New Hire Referral Bonus Program
- Significant Home Purchase Discounts
- Unique opportunities such as Everyone’s Included Day
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
Cloud SecurityIdentity Access ManagementCybersecurityIAM solutionspasswordless authenticationadaptive MFAAI-driven access orchestrationautomated provisioningscriptingZero Trust architecture
Soft Skills
leadershipcommunicationcollaborationmentoringinfluencingcross-functional coordinationcontinuous improvementinnovation
Certifications
CISSPCCSPAWS Certified Security – Specialty