Principal Infrastructure Engineer

Blackhawk NetworkPleasanton, CA
$170,360 - $230,000Hybrid

About The Position

As a Principal IAM Engineer, you'll lead the strategic vision and technical direction of our identity and access management program, shaping how we leverage IAM principles and emerging technologies to build a world-class identity governance framework. You'll be the technical architect who designs and implements comprehensive IAM solutions across our complex multi-domain environment, establishing the foundational practices and standards that will govern access security for years to come. This role combines deep technical mastery in areas like identity lifecycle management, access governance, privileged access management, and authentication/authorization protocols with influential leadership that guides both technology decisions and organizational IAM maturity. Your work will directly impact the security, compliance, and operational efficiency of our entire organization. YOU'D LOVE THIS JOB IF you're passionate about establishing IAM best practices from the ground up and love the challenge of building a comprehensive identity governance program in a complex, fragmented environment you thrive on being the technical visionary who doesn't just solve today's access and entitlement challenges, but architects the foundational principles and strategies that mature the organization's entire IAM posture you find deep satisfaction in leading and influencing cross-functional teams without direct reports, knowing that your technical guidance and program ownership shapes how the entire organization thinks about identity, access, and security you excel at translating sophisticated IAM concepts into strategic roadmaps that align with compliance requirements (PCI DSS, SOC2, NYDFS) and get stakeholders excited about identity governance investments

Requirements

  • BA + 12+ years experience in identity and access management, directory services, or equivalent relevant experience
  • Technical master in IAM principles and methodologies including identity lifecycle management, role-based access control (RBAC), identity governance & administration (IGA), privileged access management (PAM), and access certification
  • Expert-level understanding of identity protocols and standards such as SAML, OAuth, OIDC, SCIM, LDAP, and Kerberos
  • Deep experience with enterprise directory services (Active Directory, Azure AD) and modern identity platforms; Okta experience highly valued
  • Proven ability to architect and implement IAM solutions in complex, multi-domain environments with legacy system constraints
  • Strong understanding of compliance frameworks (PCI DSS, SOC2, SOX, NYDFS) and how IAM controls support regulatory requirements
  • Experience with ITSM platforms (ServiceNow) for access request and workflow automation
  • Demonstrated ability to build IAM programs from foundational concepts through mature operational state
  • AI fluency with demonstrated experience using AI tools effectively in the context of this role
  • Excellent communication skills with ability to influence senior stakeholders and drive organizational change without direct authority

Nice To Haves

  • Okta experience highly valued

Responsibilities

  • Leads the overall strategy & direction of the organization's identity and access management program, serving as the principal architect and program owner
  • Establishes IAM principles, standards, and best practices across identity lifecycle management, identity governance & administration (IGA), privileged access management (PAM), and access request/entitlement processes
  • Designs & implements comprehensive identity governance solutions to consolidate fragmented identity systems (multiple AD domains, Okta tenants) into a unified, compliant architecture
  • Provides technical vision in the deployment of authentication, authorization, provisioning, and access governance technologies across heterogeneous environments
  • Partners with Compliance, Security, and IT Operations teams to ensure IAM solutions meet regulatory requirements and security objectives
  • Develops access request workflows, entitlement models, and identity governance processes that balance security with operational efficiency
  • Mentors and upskills existing IT staff on IAM principles and best practices, building organizational competency in identity management
  • Evaluates emerging IAM technologies and methodologies (zero trust, passwordless authentication, identity threat detection) to keep the organization at the forefront of access security

Benefits

  • 401k with employer match
  • medical
  • dental
  • vision
  • 12 paid holidays in the year 2026
  • 1 hour of sick pay accrual for every 30 hours worked
  • parental leave
  • life insurance
  • disability insurance
  • accident and illness insurance
  • health and dependent care flexible spending accounts
  • wellness benefits
  • flexible time off for all full-time employees
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service