Skip to content
Applied IntuitionApplied IntuitionSunnyvale, CA

Technical Lead, Identity & Access Management

Hands-on technical lead owning end-to-end identity and access management, from IDP architecture to privileged access, secrets management, and AI agent governance. Drives Zero Trust implementation, IAM strategy, and cross-functional collaboration in cloud environments. Requires 8-12+ years in identity/security engineering.

180k – 230k/yr
On-site8+ YOESecurity Engineering

About the role

Responsibilities

  • Define the long-term IAM strategy, roadmap, and operating model across the enterprise and product ecosystem.
  • Assess and mature the current-state Identity Provider (IDP) architecture, identifying gaps and driving the path to a resilient, scalable design.
  • Drive all identity systems toward Zero Trust principles - secure, scalable, and frictionless by default.
  • Automate the full identity lifecycle beyond traditional IGA joiner-mover-leaver (JML) processes.
  • Implement and enforce RBAC for human and non-human identities at scale.
  • Define and operationalize least-privilege policies across all systems and environments.
  • Centralize secrets management - keys, tokens, certificates - across cloud and enterprise environments.
  • Design and deliver Privileged Access Management (PAM) for admin accounts spanning enterprise IT and cloud engineering.
  • Implement a scalable access management model for AI agents and bots.
  • Collaborate with IT Apps and infrastructure teams to enforce and enable SSO across the enterprise.
  • Own the implementation and governance of authentication protocols (SAML, OIDC, OAuth 2.0) and modern identity standards.
  • Partner with engineering, security, IT, compliance, and product teams to deliver access management capabilities that enable the business and satisfy audit requirements.
  • Translate complex identity requirements into clear, executable technical plans and communicate tradeoffs to senior stakeholders.

Requirements

  • 8 - 12+ years in identity engineering, security engineering, or a closely related discipline.
  • Hands-on architecture or engineering experience in cloud environments (AWS, GCP, or Azure).
  • Demonstrated track record of leading complex, cross-functional IAM programs from design through production.
  • Deep expertise in modern IAM technologies: directories (LDAP/AD), IDPs, federation, and authentication protocols (SAML, OIDC, OAuth 2.0).
  • Practical experience implementing Zero Trust identity models and PAM frameworks.
  • Strong understanding of identity governance, IGA tooling, and role lifecycle management.
  • Hands-on experience with secrets management platforms (e.g., HashiCorp Vault, AWS Secrets Manager, GCP Secret Manager).
  • Experience with non-human identity and machine identity management in large-scale environments.
  • Experience building access controls for AI workloads, agents, or service accounts at scale.
  • Familiarity with SCIM provisioning and automated IGA workflows.
  • Excellent communication and influencing skills.

Nice to Have

  • Security certifications such as CISSP, GIAC, or similar.
  • Solid grasp of compliance frameworks relevant to identity (SOC 2, ISO 27001, NIST, or similar) and experience supporting audit processes.

Compensation

Base salary range: $180,000 - $230,000 USD annually. Total compensation includes equity, comprehensive health/dental/vision insurance, 401k match, learning/wellness stipends, and paid time off.

Skills

IAMZero TrustRBACPamSSOSAMLOIDCOauth 2.0Hashicorp VaultAws Secrets ManagerGcp Secret ManagerSCIMIgaLdapActive Directory
Postman

Senior GRC Engineer

PostmanSan Francisco, CA

Senior GRC Engineer responsible for designing, building, and operating automation, integrations, and AI-assisted workflows across governance, risk, and compliance. Leads compliance initiatives including SOC 2, ISO 27001, HIPAA, and FedRAMP while partnering with cross-functional teams to improve security assurance and audit readiness.

180k – 200k/yr
On-site6+ YOESecurity Engineering
Monarch

Senior Application Security Engineer

MonarchUnited States

Senior Application Security Engineer embedded with product and engineering teams at Monarch, a personal finance platform. Conduct AppSec reviews, SAST/DAST, vulnerability management, and AI security for LLM features on Django/Python stack. Requires 5+ years in security engineering with Python and web security expertise.

180k – 215k/yr
Remote5+ YOESecurity Engineering
Temporal

Senior Security Engineer, GRC

TemporalUnited States

Senior GRC engineer owning customer security questionnaires, compliance automation, risk assessments, and policy management across SOC 2, ISO 27001, and HIPAA. Requires 8+ years experience, scripting skills, and strong customer-facing communication.

180k – 225k/yr
Remote8+ YOESecurity Engineering
Kaizen Labs

Senior Security Engineer

Kaizen LabsNew York, NY

Own end-to-end security architecture, compliance (FedRAMP, CMMC), and secure supply chain practices for a federal-focused government platform on AWS. Lead technical readiness and drive secure-by-default engineering in an early-stage environment.

180k – 220k/yr
Hybrid5+ YOESecurity Engineering
Lumin Digital

Manager, Network Security

Lumin DigitalUnited States

Lead and build a new network security function at a fintech company, managing a team of engineers, setting technical direction for cloud-native network security architecture, and establishing automated, identity-aware security controls across cloud, SD-WAN, and ZTNA environments.

180k – 200k/yr
Remote7+ YOESecurity Engineering