# Senior Identity Security Engineer
**Company:** [Palantir](https://hotfix.jobs/companies/palantir)
**Location:** New York, NY
**Experience:** 5+ years
**Skills:** Entra ID, Okta, SAML, OIDC, OAuth 2.0, SCIM, FIDO2, WebAuthn, Go, Python, PowerShell, TypeScript, RBAC, ABAC, IAM
**Posted:** 2026-05-28
> Senior Identity Security Engineer responsible for securing Palantir's workforce, customer, workload, and agent identity infrastructure. Requires 5+ years in IAM/security with deep protocol expertise and hands-on experience with enterprise IdPs.
## Job Description
## Core Responsibilities
- Own the day-to-day identity security posture across corporate, production, customer, and US Government identity planes
- Drive the rollout of agent identity infrastructure - short-lived credentials, lifecycle bound to a human principal, controlled workload onboarding
- Architect authentication, federation, and authorization systems - including SAML, OIDC, and policy-driven access control models (RBAC, ABAC, policy-as-code) - across workforce and workload identity
- Scale non-human identity patterns across service, workload, and agent populations - short-lived credentials, mTLS, identity-based networking
- Drive adoption of just-in-time access patterns across the identity program, partnering with platform and engineering teams on governance rollout and policy enforcement
- Lead identity threat modeling on a regular cadence; publish findings and track remediation
- Serve as a primary security reviewer on identity architecture decisions and cross-team RFCs
- Research and drive adoption of emerging identity security primitives and standards in partnership with Security Engineers across InfoSec
- Partner with engineering teams across Palantir to reduce the attack surface of identity integrations at scale

## What We Value
- Experience with cloud IAM and workload identity patterns - service accounts and identity-based access in distributed environments
- Experience designing or evaluating non-human identity (NHI) architectures - service, workload, and agent - and a strong point of view on where the industry is headed
- Familiarity with privileged access management and secrets management patterns at scale
- A track record of reducing standing access and shifting organizations toward just-in-time access postures in production environments
- Experience with identity governance platforms and a clear-eyed view of their security implications
- Identity threat detection and response experience, including detection engineering against identity telemetry
- Red team, offensive security, or incident response background - especially with an identity focus
- Exposure to regulated environments (FedRAMP, SOX, IL-levels)
- Desire to further the identity security community through substantive contributions (e.g. conference talks, blog posts, public tool development, RFCs)
- Current US security clearance, or eligibility to obtain clearance

## What We Require
- 5+ years of experience in Information Security, Identity and Access Management, or an equivalent discipline, with demonstrated depth in identity-specific security
- Hands-on production experience with at least one enterprise identity provider (Entra ID, Okta, or equivalent), including its governance and security surface
- Deep technical proficiency in identity protocols (SAML, OIDC, OAuth 2.0, SCIM, FIDO2, WebAuthn) and their attack surface
- Working proficiency in Go, Python, PowerShell, or TypeScript - enough to prototype tooling, analyze identity-handling code for security defects, scale automation across the environment, and engage in code review
- Strong communication skills and ability to communicate to a wide-ranging audience - from engineer-facing design reviews to leadership-facing risk calls
**Apply:** https://hotfix.jobs/jobs/senior-identity-security-engineer-at-palantir-b604eae0-08bc-4e28-802d-93c0e11600f4