# Senior Identity Security Engineer

**Company:** [Palantir](https://hotfix.jobs/companies/palantir)
**Location:** New York, NY, Palo Alto, CA
**Role:** Security Engineering
**Experience:** 5+ years
**Skills:** Entra Id, Okta, SAML, OIDC, Oauth 2.0, SCIM, Fido2, Webauthn, Go, Python, PowerShell, TypeScript, RBAC, Abac, IAM
**Posted:** 2026-05-28

> Senior Identity Security Engineer responsible for securing Palantir's workforce, customer, workload, and agent identity infrastructure. Requires 5+ years in IAM/security with deep protocol expertise and hands-on experience with enterprise IdPs.

## Job Description

## Core Responsibilities
- Own the day-to-day identity security posture across corporate, production, customer, and US Government identity planes
- Drive the rollout of agent identity infrastructure - short-lived credentials, lifecycle bound to a human principal, controlled workload onboarding
- Architect authentication, federation, and authorization systems - including SAML, OIDC, and policy-driven access control models (RBAC, ABAC, policy-as-code) - across workforce and workload identity
- Scale non-human identity patterns across service, workload, and agent populations - short-lived credentials, mTLS, identity-based networking
- Drive adoption of just-in-time access patterns across the identity program, partnering with platform and engineering teams on governance rollout and policy enforcement
- Lead identity threat modeling on a regular cadence; publish findings and track remediation
- Serve as a primary security reviewer on identity architecture decisions and cross-team RFCs
- Research and drive adoption of emerging identity security primitives and standards in partnership with Security Engineers across InfoSec
- Partner with engineering teams across Palantir to reduce the attack surface of identity integrations at scale

## What We Value
- Experience with cloud IAM and workload identity patterns - service accounts and identity-based access in distributed environments
- Experience designing or evaluating non-human identity (NHI) architectures - service, workload, and agent - and a strong point of view on where the industry is headed
- Familiarity with privileged access management and secrets management patterns at scale
- A track record of reducing standing access and shifting organizations toward just-in-time access postures in production environments
- Experience with identity governance platforms and a clear-eyed view of their security implications
- Identity threat detection and response experience, including detection engineering against identity telemetry
- Red team, offensive security, or incident response background - especially with an identity focus
- Exposure to regulated environments (FedRAMP, SOX, IL-levels)
- Desire to further the identity security community through substantive contributions (e.g. conference talks, blog posts, public tool development, RFCs)
- Current US security clearance, or eligibility to obtain clearance

## What We Require
- 5+ years of experience in Information Security, Identity and Access Management, or an equivalent discipline, with demonstrated depth in identity-specific security
- Hands-on production experience with at least one enterprise identity provider (Entra ID, Okta, or equivalent), including its governance and security surface
- Deep technical proficiency in identity protocols (SAML, OIDC, OAuth 2.0, SCIM, FIDO2, WebAuthn) and their attack surface
- Working proficiency in Go, Python, PowerShell, or TypeScript - enough to prototype tooling, analyze identity-handling code for security defects, scale automation across the environment, and engage in code review
- Strong communication skills and ability to communicate to a wide-ranging audience - from engineer-facing design reviews to leadership-facing risk calls

## Similar roles

- [Senior Software Engineer](https://hotfix.jobs/jobs/2ad28874-4486-42ff-949a-ec54985c2762) - Snowflake - Bellevue, WA - $200k – $288k/yr
- [Software Security Engineering Manager, Secure Frameworks](https://hotfix.jobs/jobs/26e1ecde-76c2-491f-951c-78e9c075c076) - Anthropic - San Francisco, CA - $405k – $485k/yr
- [Founding Security Engineer](https://hotfix.jobs/jobs/6deb6526-e0c3-42a9-9c29-360c4354d869) - Forus - New York, NY
- [Manager, Supply Chain Protection & Loss Intelligence](https://hotfix.jobs/jobs/9e3a84ce-58cf-480f-bf1d-6fefa2cf89bf) - Flexport - Miami, FL
- [Physical Security Manager](https://hotfix.jobs/jobs/053f4772-7be2-438c-b890-e7752ae44a12) - Crusoe - Dallas, TX

**Apply:** https://hotfix.jobs/jobs/b604eae0-08bc-4e28-802d-93c0e11600f4
**Canonical:** https://hotfix.jobs/jobs/b604eae0-08bc-4e28-802d-93c0e11600f4