Principal Engineer, Identity Services (IAM)

Post Date

Aug 15, 2025

Location

Beverly Hills, California

ZIP/Postal Code

90210
US
Oct 15, 2025 Insight Global

Job Type

Perm

Category

Security Engineering

Req #

LAX-802871

Pay Rate

$200k - $240k (estimate)

Job Description

As a Principal Engineer on the Identity Services team, your role is to lead the formation of technical strategy and assist in both planning and implementing work related to IAM services supported by the team. You will be responsible for designing, implementing, and maintaining robust identity and access management (IAM) solutions that ensure the security and privacy of the digital ecosystem while applying least privilege principles. The role involves working with various stakeholders to ensure seamless provisioning, deprovisioning, authentication and authorization of user access to systems, applications, and data while maintaining the highest security standards. The ideal candidate will have deep experience with identity and access management frameworks, hands-on experience with IAM technologies, and a strong understanding of security protocols, compliance standards, and cloud environments. You are an IAM guru and will be supporting a high-volume 24x7 production environment. You will provide technical mentorship and guidance to junior team members. You are passionate and self-starting, and capable of working on high-risk undertakings. You will write tools to automate routine and complex tasks and troubleshoot application and infrastructure issues. The position includes collaboration with various teams to design a scalable and supportable service-oriented architecture. This role will be expected to be a subject matter expert on many of these IAM services, and help drive efforts to improve automation, tooling, identity governance, and access technologies.


- Tactical Work (15%): Critical operations support, incident response, and implementation of urgent security fixes. This includes hands-on coding, debugging, and deploying fixes when necessary.
- Security Architecture (35%): Design architectures that enable seamless integration and consumption of secure identity services. Conduct security reviews, implement Zero Trust design patterns, and lead PAM implementation. This involves creating documentation, diagrams, and proof-of-concepts.
- Strategic Work (50%): Participate in planning sessions, roadmap discussions, and architecture reviews. Lead identity security transformation initiatives and establish enterprise identity strategy aligned with business objectives.

We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form. The EEOC "Know Your Rights" Poster is available here.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/

Required Skills & Experience

- Extensive Microsoft Active Directory expertise (including related components such as Group Policy, ADFS, LDAP, and AD-integrated DNS), with experience on newer versions such as Windows Server 2022 or 2025 and their related security features
- Okta identity solution platform advanced configuration and security hardening
- Two-factor authentication best practices and hardware key management (they use YubiKey)
- OAuth authentication
- Identity lifecycle management (provisioning, deprovisioning) and integration with systems
- Adaxes unified Active Directory management platform
- Jumpbox / bastion host access management practices
- DevOps and SRE: Experience with GitLab, CI/CD tooling, monitoring and alerting, and SRE practices.
- Compliance and Security: Understanding of PCI Compliance and Security Best Practices.
- Software Engineering: Desired experience in software development, including but not limited to coding in languages like Python, Java, or Go, understanding of software design patterns, and experience with code reviews and version control systems like Git.
- Experience managing large-scale Linux (preferred) and/or Windows (bonus) infrastructure
- Cloud Expertise: Solid understanding of cloud services like AWS or GCP
- Agile Practices: Must have experience with Agile methodologies.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.