Principal IAM Lead

DriveWealthNew York, NY
$155,000 - $175,000Hybrid

About The Position

DriveWealth is seeking a Principal IAM Lead to own and evolve our enterprise identity and access management ecosystem. This is a senior, hands-on technical leadership role for someone who lives at the intersection of identity architecture, security engineering, and platform administration. You will serve as the subject matter expert for our Okta and Auth0 environments, driving secure, scalable, and well-governed identity solutions across the organization. The ideal candidate has deep platform-level expertise, strong troubleshooting instincts, and the confidence to make and defend changes to authentication and security policies that affect the entire company.

Requirements

  • Extensive hands-on experience administering Okta at an enterprise level, including SSO/SCIM, Okta Workflows, and Okta Identity Governance
  • Strong, demonstrable experience with Auth0, including IdP connection creation and troubleshooting across major identity providers
  • Solid understanding of authentication and authorization concepts (SAML, OIDC, OAuth 2.0, MFA, adaptive/risk-based policies)
  • Working knowledge of identity and security logging practices to support monitoring and investigation
  • Practical experience consuming and integrating with REST APIs for automation and troubleshooting
  • Working knowledge of AWS, including AWS Identity Center
  • Familiarity with directory services (Active Directory, Entra ID) and how they integrate with Okta/Auth0
  • Strong troubleshooting skills and comfort making high-impact changes to production authentication systems
  • Excellent communication skills, with the ability to translate technical identity concepts for both technical and non-technical stakeholders

Nice To Haves

  • Relevant certifications (Okta Certified Consultant/Administrator, AWS certifications, CISSP, etc.)
  • Experience mapping IAM controls to compliance frameworks (SOC 2, ISO 27001, NIST)
  • Understanding of privileged access management (PAM) and non-human identity governance (service accounts, API keys, secrets rotation)

Responsibilities

  • Serve as the principal administrator and subject matter expert for Okta, including SSO and SCIM integrations, Okta Workflows, and Okta Identity Governance (OIG)
  • Design, build, and maintain group rules and access policies that support least-privilege and lifecycle management
  • Manage Okta licensing, entitlements, and platform capacity planning
  • Demonstrate deep expertise on how authentication rules (MFA policies, sign-on policies, adaptive authentication, risk-based policies, etc.) are applied within Okta, and update and tune these policies as business and security needs evolve.
  • Maintain strong working knowledge of the Auth0 platform, including tenants, rules/actions, and application configurations
  • Create, configure, and troubleshoot Identity Provider (IdP) connections across all major IdP types (SAML, OIDC, social, enterprise directories, etc.)
  • Diagnose and resolve authentication and federation issues across integrated applications
  • Leverage Okta, Auth0, and related APIs to automate identity workflows, integrations, and reporting
  • Troubleshoot and build API-based solutions to extend platform capabilities beyond native UI functionality
  • Configure and manage SSO connections for external clients and enterprise customers, acting as the primary technical point of contact for partner-side IT/security teams during setup
  • Gather and validate partner IdP metadata (OIDC) and configure corresponding Auth0 connections
  • Test and troubleshoot partner SSO connections end-to-end prior to go-live, resolving certificate, attribute mapping, and claims issues
  • Maintain documentation and a repeatable onboarding process for bringing new clients onto SSO
  • Apply working knowledge of AWS and AWS Identity Center (formerly AWS SSO) to support cloud identity federation and access management
  • Collaborate with cloud infrastructure teams to align identity governance across on-prem, SaaS, and cloud environments
  • Secure access to AI/ML platforms, tools, and resources, including LLM APIs, AI agents, and machine-to-machine authentication for AI-driven services
  • Apply IAM governance principles (least privilege, lifecycle management, auditing) to non-human identities and AI agents to mitigate emerging risks such as over-privileged connectors or unauthorized data access
  • Partner with engineering and security teams to define access and authentication standards for internally built and third-party AI tooling
  • Act as a trusted advisor to security, IT, and application teams on identity best practices and architecture decisions
  • Map IAM controls to compliance and Zero Trust frameworks (e.g., SOC 2, ISO 27001, NIST) in partnership with GRC teams
  • Mentor junior IAM engineers and contribute to the long-term IAM roadmap
  • Document standards, runbooks, and processes to mature the IAM program
  • Own vendor relationships and roadmap discussions with Okta, Auth0, and related identity vendors

Benefits

  • competitive compensation
  • equity
  • 401(k) match
  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Disability insurance
  • Paid Parental Leave
  • wellness reimbursement
  • company-provided phone
  • personal development allowance
  • generous Paid Time Off (PTO)
  • observed holidays
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service