Designs, implements, and operates enterprise IAM systems for workforce and customer-facing authentication in ValonOS, including IdP management, secure protocols, cloud IAM, and AI-assisted workflows. Requires 5+ years IAM experience, deep protocol expertise, and IdP hands-on skills.
180k – 230k
Remote5+ YOESecurity Engineering
About the role
Responsibilities
Design and support end-to-end lifecycle of workforce identity systems including identity automation, access management, and least-privilege enforcement across internal systems
Support design of secure identity design patterns for product teams building on ValonOS
Manage and evolve Valon's IdP in conjunction with IT including SSO integrations, MFA policies, conditional access rules, and directory synchronization
Define and enforce RBAC and group-based access policies for internal applications, cloud environments, and development tooling
Support privileged access management (PAM) for internal infrastructure in conjunction with Engineering teams
Design and build AI-assisted workflows that automate and accelerate core IAM operations
Evaluate AI risks across IAM pipelines, ensuring appropriate security controls around data exposure, prompt injection and other threats
Collaborate with Product, Engineering, Data, Compliance, Legal, and other teams to identify and drive mitigation for data security risks
Support other operational and on-call duties such as vulnerability management, regulatory compliance (SOC 2, CCPA, NYDFS, FTC), policy development, incident response and security reviews
Ideal Background
Extensive hands-on IAM security engineer with proven ownership of enterprise identity solutions, able to operate autonomously, drive complex cross-functional efforts, and influence across teams
Deep expertise in modern identity protocols and standards: SAML 2.0, OIDC/OAuth 2.0, SCIM, LDAP, and related specifications
Proven experience administering and scaling IdP platforms (e.g., Okta, Azure AD / Entra ID, Google Workspace) including SSO, MFA, conditional access, and directory sync
Solid background in cloud IAM (GCP preferred), including service accounts, workload identity federation, and policy-as-code approaches
Strong expertise in building PAM solutions / identity vaults and enforcing least-privilege across human and non-human identities
Experience building AI/LLM-powered workflows — ideally in a security or operations context — with a practical understanding of the identity and access risks they introduce
Familiarity with securing non-human and agentic identities, including AI service accounts, API key governance, and audit logging for automated systems
Applied knowledge with industry security and compliance frameworks (OWASP, NIST, CIS, SOC 2/ISO 27001 concepts)
Minimum Qualifications
5+ years in security engineering roles with a core focus on identity and access management
Bachelor's degree in Information Security, Computer Science, Technology or related field
Relevant security certifications (e.g., CISSP, CISM, CCSK, CCSP or similar)
Hands-on experience with an enterprise IdP (Okta, Entra ID, or Google Workspace) including SSO, MFA, SCIM
Deep understanding of authentication and authorization models across applications - SAML, OIDC/OAuth 2.0, RBAC, ABAC, and API access controls
Hands-on experience with modern identity security technologies and tooling
Compensation
Base Compensation Band: $180K - 230K. Base salary offered is determined by a number of factors including the candidate’s experience, qualifications, and skills. Competitive salary with equity and 401k.
Senior GRC Engineer responsible for designing, building, and operating automation, integrations, and AI-assisted workflows across governance, risk, and compliance. Leads compliance initiatives including SOC 2, ISO 27001, HIPAA, and FedRAMP while partnering with cross-functional teams to improve security assurance and audit readiness.
180k – 200k
On-site6+ YOESecurity Engineering
Senior Application Security Engineer
MonarchUnited States
Senior Application Security Engineer embedded with product and engineering teams at Monarch, a personal finance platform. Conduct AppSec reviews, SAST/DAST, vulnerability management, and AI security for LLM features on Django/Python stack. Requires 5+ years in security engineering with Python and web security expertise.
180k – 215k
Remote5+ YOESecurity Engineering
Senior Security Engineer, GRC
TemporalUnited States
Senior GRC engineer owning customer security questionnaires, compliance automation, risk assessments, and policy management across SOC 2, ISO 27001, and HIPAA. Requires 8+ years experience, scripting skills, and strong customer-facing communication.
180k – 225k
Remote8+ YOESecurity Engineering
Senior Security Engineer
Kaizen LabsNew York, NY
Own end-to-end security architecture, compliance (FedRAMP, CMMC), and secure supply chain practices for a federal-focused government platform on AWS. Lead technical readiness and drive secure-by-default engineering in an early-stage environment.
180k – 220k
Hybrid5+ YOESecurity Engineering
Manager, Network Security
Lumin DigitalUnited States
Lead and build a new network security function at a fintech company, managing a team of engineers, setting technical direction for cloud-native network security architecture, and establishing automated, identity-aware security controls across cloud, SD-WAN, and ZTNA environments.