Identity Security Engineer
Role summary
Soni's client is seeking a Senior Identity Security Engineer to design, automate, and enhance identity lifecycle controls, federation, and governance across Okta, AWS IAM, and cloud environments. The primary focus is on eliminating manual processes through automation for provisioning, access changes, and deprovisioning. Responsibilities include building JML workflows, provisioning pipelines, implementing federation, developing automations using Okta Workflows and Lambda, governing non-human identities, engineering privileged access, and automating access reviews for compliance. The role requires a strong understanding of least-privilege access and identity governance, with proficiency in scripting languages and experience with Okta and AWS IAM.
Soni's client is looking for a hands-on Senior Identity Security Engineer to design, automate, and continuously improve identity lifecycle controls, federation, and governance across Okta, AWS IAM, and a modern SaaS/cloud environment.
This role is all about eliminating manual identity processes—building automation so provisioning, access changes, and deprovisioning happen reliably and at scale, without relying on ticket queues.
Responsibilities:
• Design and automate joiner/mover/leaver (JML) workflows using Okta, HRIS integrations, and APIs
• Build provisioning/deprovisioning pipelines and birthright access models
• Implement federation (SAML/OIDC/OAuth) and integrate SaaS applications with Okta
• Develop Okta Workflows, Lambda functions, and API-driven automations
• Govern non-human identities (service accounts, API keys, tokens) with strong lifecycle controls
• Engineer privileged access (PAM), secrets management, and least-privilege IAM architectures
• Automate access reviews, attestation, and compliance evidence for SOC 2 / HIPAA
• Eliminate manual identity operations through automation-first engineering
• Leverage AI-assisted development to accelerate workflow and integration delivery
Qualifications:
• 5+ years of IAM or security engineering experience
• Strong hands-on experience with Okta (Lifecycle Management, Workflows) and AWS IAM
• Experience building SAML/OIDC/OAuth federations and SaaS integrations
• Proficiency in Python, PowerShell, or JavaScript for automation and API work
• Proven track record automating identity processes (JML, access reviews, provisioning)
• Deep understanding of least-privilege access and identity governance
• Familiarity with SOC 2 / HIPAA identity controls
• Curiosity for emerging tools—especially AI-assisted development—and a drive to automate everything possible
• Ability to operate independently and deliver end-to-end engineering solutions
Nice to Have:
• Experience with PAM and just-in-time access models
• Non-human identity governance and secrets management
• Okta certifications or cloud/IaC experience (Terraform, CloudFormation)
• Background in regulated environments (healthcare, finance, insurance)
• Security certifications (GIAC, CISSP, etc.)
• Experience with tools like Claude Code, GitHub Copilot, Cursor, or similar
Compensation:
$120,000 to $135,000 annually
*Compensation is based on a range of factors that include relevant experience, knowledge, skills, other job-related qualifications.*