Technical Lead, Identity & Access Management

About The Position

Requirements

• 8 - 12+ years in identity engineering, security engineering, or a closely related discipline.
• Hands-on architecture or engineering experience in cloud environments (AWS, GCP, or Azure).
• Demonstrated track record of leading complex, cross-functional IAM programs from design through production.
• Deep expertise in modern IAM technologies: directories (LDAP/AD), IDPs, federation, and authentication protocols (SAML, OIDC, OAuth 2.0).
• Practical experience implementing Zero Trust identity models and PAM frameworks.
• Strong understanding of identity governance, IGA tooling, and role lifecycle management.
• Hands-on experience with secrets management platforms (e.g., HashiCorp Vault, AWS Secrets Manager, GCP Secret Manager).
• Experience with non-human identity and machine identity management in large-scale environments.
• Experience building access controls for AI workloads, agents, or service accounts at scale.
• Familiarity with SCIM provisioning and automated IGA workflows.
• Excellent communication and influencing skills - you can make identity concepts accessible to non-technical audiences and drive alignment without authority.

Nice To Haves

• Security certifications such as CISSP, GIAC, or similar.
• Solid grasp of compliance frameworks relevant to identity (SOC 2, ISO 27001, NIST, or similar) and experience supporting audit processes.

Responsibilities

• Define the long-term IAM strategy, roadmap, and operating model across the enterprise and product ecosystem.
• Assess and mature the current-state Identity Provider (IDP) architecture, identifying gaps and driving the path to a resilient, scalable design.
• Drive all identity systems toward Zero Trust principles - secure, scalable, and frictionless by default.
• Automate the full identity lifecycle beyond traditional IGA joiner-mover-leaver (JML) processes.
• Implement and enforce RBAC for human and non-human identities at scale.
• Define and operationalize least-privilege policies across all systems and environments.
• Centralize secrets management - keys, tokens, certificates - across cloud and enterprise environments.
• Design and deliver Privileged Access Management (PAM) for admin accounts spanning enterprise IT and cloud engineering.
• Implement a scalable access management model for AI agents and bots.
• Collaborate with IT Apps and infrastructure teams to enforce and enable SSO across the enterprise.
• Own the implementation and governance of authentication protocols (SAML, OIDC, OAuth 2.0) and modern identity standards.
• Partner with engineering, security, IT, compliance, and product teams to deliver access management capabilities that enable the business and satisfy audit requirements.
• Translate complex identity requirements into clear, executable technical plans and communicate tradeoffs to senior stakeholders.

Benefits

• equity in the form of options and/or restricted stock units
• comprehensive health, dental, vision, life and disability insurance coverage
• 401k retirement benefits with employer match
• learning and wellness stipends
• paid time off