Skip to content
ValonValonNew York, NY

Senior Security Engineer, Identity & Access Management

Designs, implements, and operates enterprise IAM systems for workforce and customer-facing authentication in ValonOS, including IdP management, secure protocols, cloud IAM, and AI-assisted workflows. Requires 5+ years IAM experience, deep protocol expertise, and IdP hands-on skills.

180k – 230k
Remote5+ YOESecurity Engineering

About the role

Responsibilities

  • Design and support end-to-end lifecycle of workforce identity systems including identity automation, access management, and least-privilege enforcement across internal systems
  • Support design of secure identity design patterns for product teams building on ValonOS
  • Manage and evolve Valon's IdP in conjunction with IT including SSO integrations, MFA policies, conditional access rules, and directory synchronization
  • Define and enforce RBAC and group-based access policies for internal applications, cloud environments, and development tooling
  • Support privileged access management (PAM) for internal infrastructure in conjunction with Engineering teams
  • Design and build AI-assisted workflows that automate and accelerate core IAM operations
  • Evaluate AI risks across IAM pipelines, ensuring appropriate security controls around data exposure, prompt injection and other threats
  • Collaborate with Product, Engineering, Data, Compliance, Legal, and other teams to identify and drive mitigation for data security risks
  • Support other operational and on-call duties such as vulnerability management, regulatory compliance (SOC 2, CCPA, NYDFS, FTC), policy development, incident response and security reviews

Ideal Background

  • Extensive hands-on IAM security engineer with proven ownership of enterprise identity solutions, able to operate autonomously, drive complex cross-functional efforts, and influence across teams
  • Deep expertise in modern identity protocols and standards: SAML 2.0, OIDC/OAuth 2.0, SCIM, LDAP, and related specifications
  • Proven experience administering and scaling IdP platforms (e.g., Okta, Azure AD / Entra ID, Google Workspace) including SSO, MFA, conditional access, and directory sync
  • Solid background in cloud IAM (GCP preferred), including service accounts, workload identity federation, and policy-as-code approaches
  • Strong expertise in building PAM solutions / identity vaults and enforcing least-privilege across human and non-human identities
  • Experience building AI/LLM-powered workflows — ideally in a security or operations context — with a practical understanding of the identity and access risks they introduce
  • Familiarity with securing non-human and agentic identities, including AI service accounts, API key governance, and audit logging for automated systems
  • Applied knowledge with industry security and compliance frameworks (OWASP, NIST, CIS, SOC 2/ISO 27001 concepts)

Minimum Qualifications

  • 5+ years in security engineering roles with a core focus on identity and access management
  • Bachelor's degree in Information Security, Computer Science, Technology or related field
  • Relevant security certifications (e.g., CISSP, CISM, CCSK, CCSP or similar)
  • Hands-on experience with an enterprise IdP (Okta, Entra ID, or Google Workspace) including SSO, MFA, SCIM
  • Deep understanding of authentication and authorization models across applications - SAML, OIDC/OAuth 2.0, RBAC, ABAC, and API access controls
  • Hands-on experience with modern identity security technologies and tooling

Compensation

Base Compensation Band: $180K - 230K. Base salary offered is determined by a number of factors including the candidate’s experience, qualifications, and skills. Competitive salary with equity and 401k.

Skills

OktaAzure AdEntra IdGoogle WorkspaceSaml 2.0OIDCOauth 2.0SCIMLdapGCPRBACPamMFASSOCissp
Postman

Senior GRC Engineer

PostmanSan Francisco, CA

Senior GRC Engineer responsible for designing, building, and operating automation, integrations, and AI-assisted workflows across governance, risk, and compliance. Leads compliance initiatives including SOC 2, ISO 27001, HIPAA, and FedRAMP while partnering with cross-functional teams to improve security assurance and audit readiness.

180k – 200k
On-site6+ YOESecurity Engineering
Monarch

Senior Application Security Engineer

MonarchUnited States

Senior Application Security Engineer embedded with product and engineering teams at Monarch, a personal finance platform. Conduct AppSec reviews, SAST/DAST, vulnerability management, and AI security for LLM features on Django/Python stack. Requires 5+ years in security engineering with Python and web security expertise.

180k – 215k
Remote5+ YOESecurity Engineering
Temporal

Senior Security Engineer, GRC

TemporalUnited States

Senior GRC engineer owning customer security questionnaires, compliance automation, risk assessments, and policy management across SOC 2, ISO 27001, and HIPAA. Requires 8+ years experience, scripting skills, and strong customer-facing communication.

180k – 225k
Remote8+ YOESecurity Engineering
Kaizen Labs

Senior Security Engineer

Kaizen LabsNew York, NY

Own end-to-end security architecture, compliance (FedRAMP, CMMC), and secure supply chain practices for a federal-focused government platform on AWS. Lead technical readiness and drive secure-by-default engineering in an early-stage environment.

180k – 220k
Hybrid5+ YOESecurity Engineering
Lumin Digital

Manager, Network Security

Lumin DigitalUnited States

Lead and build a new network security function at a fintech company, managing a team of engineers, setting technical direction for cloud-native network security architecture, and establishing automated, identity-aware security controls across cloud, SD-WAN, and ZTNA environments.

180k – 200k
Remote7+ YOESecurity Engineering