Sr Engineer, IAM

OptimumTown of Oyster Bay, NY
$100,246 - $164,689

About The Position

The Senior IAM Engineer is the technical anchor of the Customer IAM team. Where the IAM Engineer executes established patterns, the Senior Engineer defines them. You own the platform architecture, author the standards that every integration must meet, design the automation that keeps configuration consistent at scale, and provide the technical leadership that enables your teammates and application development teams to move faster and more securely. You operate with broad autonomy, making consequential decisions on Customer Identity Engine configuration, authentication policy design, IaC strategy, and security control architecture — while staying closely partnered with the Manager on roadmap direction and cross-functional relationships. This is a senior individual contributor role with significant influence over the team's technical trajectory.

Requirements

  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (or equivalent experience)
  • 6+ years of experience in Identity & Access Management, security engineering, or a related technical field
  • Strong hands-on experience designing and operating CIAM or identity provider platforms at scale
  • Deep understanding of identity standards and protocols (OAuth 2.0, OpenID Connect, SAML, SCIM, FIDO2/WebAuthn)
  • Experience leading authentication modernization or large-scale IAM integration initiatives
  • Proficiency in at least one modern programming language (e.g., JavaScript, Python, Java, Go) for building integrations and automation
  • Experience implementing Infrastructure-as-Code and CI/CD practices for platform configuration
  • Proven ability to perform threat modeling, security reviews, and produce clear technical guidance
  • Experience working with compliance frameworks (e.g., SOX, SOC 2, PCI) and supporting audit activities
  • Demonstrated ability to mentor engineers and influence technical direction across teams
  • Applicants must be authorized to work for ANY employer in the U.S.
  • Please note that at this time, we do not provide visa sponsorship for employment.

Responsibilities

  • Own the architecture and design of the enterprise customer identity platform, including authentication policy frameworks, authorization models, and identity lifecycle standards
  • Define and enforce integration standards across identity protocols (OAuth 2.0, OpenID Connect, SAML, SCIM), ensuring consistency and scalability across all applications
  • Establish governance practices for platform configuration, including naming standards, policy structures, and change management controls
  • Lead the evaluation and adoption of new identity capabilities and platform features aligned to enterprise security and scalability goals
  • Lead the technical design of enterprise authentication modernization initiatives, defining integration patterns and reference architectures for application teams
  • Develop and maintain standardized migration frameworks for onboarding applications to modern CIAM solutions
  • Define token design, scope models, and session management strategies aligned to security and business requirements
  • Drive adoption of advanced authentication capabilities, including phishing-resistant and passwordless authentication
  • Identify and resolve cross-cutting architectural challenges impacting identity integrations across the application portfolio
  • Own the IAM developer experience, including integration guides, reference architectures, code samples, and reusable implementation patterns
  • Build and maintain reference implementations demonstrating best practices for authentication flows, token validation, and session management
  • Design and improve onboarding processes and self-service capabilities for application teams integrating with the CIAM platform
  • Lead architecture reviews for complex or high-risk integrations, providing clear, standards-based guidance and decision rationale
  • Foster a community of practice to promote identity best practices and knowledge sharing across engineering teams
  • Conduct threat modeling for the CIAM platform and application integrations, identifying risks and designing appropriate controls
  • Define and maintain identity security standards, including authentication assurance levels, MFA requirements, and session policies
  • Design and tune identity-related monitoring and detection capabilities, including integration with SIEM tools
  • Lead security design reviews for identity workflows, integrations, and custom services to ensure adherence to best practices
  • Support vulnerability management by assessing risks, prioritizing remediation, and driving resolution across the platform

Benefits

  • Competitive pay
  • Health insurance
  • Dental insurance
  • Vision insurance
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service