Principal Identity Engineer

Hard Rock Digitalβ€’United States, FL
β€’Hybrid

About The Position

Hard Rock Digital is building the best online sportsbook, casino, and social gaming company in the world. We are seeking a Principal Identity Engineer to be the technical authority on identity and access management. This is a senior role reporting directly to the VP Security / CISO, and you will be the first dedicated identity hire within a 16-person security organization. Your focus will be on architecture, automation, and governance to ensure secure access. The role requires a strategic and hands-on approach, with a deep understanding of modern security principles like blast radius, least privilege, and phishing-resistant authentication. You will own the identity domain end-to-end.

Requirements

  • 10+ years in identity and access management, security engineering, or a closely related field, or equivalent practical experience.
  • Deep, hands-on expertise with a modern enterprise identity platform (Microsoft Entra ID), including Conditional Access, PIM/PAM, authentication methods, and identity governance.
  • Strong command of identity protocols and patterns: SAML, OIDC, OAuth 2.0, SCIM, and modern MFA.
  • Experience automating the identity lifecycle and integrating identity across a large SaaS and multi-cloud estate.
  • Scripting and automation skills (PowerShell, Microsoft Graph API, Python) and comfort with Infrastructure as Code.
  • A track record of designing least privilege, just-in-time access in a real production environment.
  • Excellent written and verbal communication skills.
  • Fluency with AI, with hands-on experience applying AI to security or engineering work.

Nice To Haves

  • Experience in a regulated industry (gaming, financial services, healthcare).
  • Exposure to customer/player identity (CIAM) and KYC providers.
  • Passwordless or phishing-resistant MFA rollouts at scale.
  • Familiarity with Identity Threat Detection & Response (ITDR).
  • Relevant certifications (e.g., Microsoft Identity & Access Administrator, CISSP).

Responsibilities

  • Own the security architecture, standards, authentication methods, and roadmap for Microsoft Entra ID.
  • Design and refine Conditional Access policies.
  • Advance the rollout of phishing-resistant, passwordless authentication.
  • Own federation and single sign-on across the SaaS estate.
  • Own the privileged access model using Microsoft Entra PIM, including just-in-time elevation and approval workflows.
  • Design and maintain break-glass procedures and safeguards.
  • Reduce standing privilege and implement 'least privilege, just in time' access.
  • Automate the joiner-mover-leaver lifecycle for access management.
  • Build and run access reviews and entitlement governance, partnering with the GRC team for audit evidence.
  • Ensure access decisions are auditable, explainable, and continuously right-sized.
  • Govern service principles, managed identities, and workload/federated credentials across AWS, Azure, and GCP.
  • Partner on secrets governance to reduce long-lived secrets.
  • Serve as the identity authority for the Zero Trust program.
  • Partner on identity-aware access through Cloudflare Access.
  • Partner with Security Operations to integrate identity signals into detection and response.
  • Advise on customer identity (CIAM) and account-security architecture.

Benefits

  • Competitive pay and benefits
  • Flexible vacation allowance
  • A hybrid / remote working environment
  • Startup culture backed by a secure, global brand
Β© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service