Remote Security Jobs in Remote, OR (NOW HIRING)

Summary

The Lead Identity and Access Management Engineer is responsible for designing, implementing, and continuously improving enterprise IAM platforms while providing technical leadership across authentication, authorization, identity governance, and lifecycle management. This role serves as the IAM technical lead, defining and enforcing the operating model, including oversight of offshore administration processes to ensure secure, consistent, and auditable execution. The position owns identity security across both human and non-human identities, including workforce, service, application, and API identities. It also governs authentication mechanisms, token-based access, and service-to-service interactions across cloud and enterprise environments. Strong ownership of platforms such as PingID, Auth0, Duo, and Microsoft Entra ID is required, with a focus on modern authentication, MFA, SSO, and scalable identity governance. This includes governance of identity and access within AWS environments, including IAM roles, policies, and federated access. 

Duties & Responsibilities

• Design, implement, and maintain IAM solutions across PingID, Auth0, Duo, Microsoft Entra ID, and AWS IAM environments.
• Serve as the technical lead for IAM, defining architecture, standards, and the overall operating model.
• Develop and enforce IAM processes and governance frameworks, including oversight of offshore operations, SLAs, and quality controls.
• Own identity lifecycle management (joiner, mover, leaver), including automation of provisioning and deprovisioning.
• Lead identity governance efforts, including access reviews, RBAC/ABAC models, and compliance with regulatory requirements.
• Manage authentication and access controls, including SSO, MFA, conditional access, privileged access, and non-human identities (APIs, service accounts).
• • Design, implement, and govern AWS IAM including roles, policies, permission boundaries, and identity federation.
  • Manage AWS IAM roles for human and non-human identities, including service roles, cross-account access, and workload identities.
  • Implement and enforce least privilege access within AWS through policy design and role scoping.
  • Integrate AWS IAM with enterprise identity providers (Entra ID, Auth0) for federated access and SSO.
  • Govern access to AWS resources including management of access keys, role assumption, and temporary credentials.
  • Define and enforce controls for AWS service identities, including Lambda, EC2, and container-based workloads.
• API / Token / Secrets
• • Align AWS IAM roles and temporary credential usage with token lifecycle and secrets management strategies.
• Priviledged Access Management
• • The role includes ownership of cloud identity platforms, including AWS IAM, with responsibility for managing identities, roles, and access controls across multi-cloud environments.
• Partner cross-functionally to integrate modern authentication protocols (SAML, OAuth, OIDC, SCIM), drive automation, support audits, and mentor IAM team members.

Qualifications & Requirements

Required Education, Experience, Certification/Licensure

• Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related technical field, or equivalent practical experience.
• 7+ years of experience in cybersecurity or IT, with at least 5 years focused on Identity and Access Management.
• Demonstrated hands on experience with PingID, Auth0, Duo, and Microsoft Entra ID.
• Proven experience designing and operating IAM programs, including governance, lifecycle management, and offshore operating models.
• Experience managing both human and non-human identities including service accounts, API identities, and application identities.
• Strong understanding of authentication and authorization protocols including SAML, OAuth 2.0, OIDC, LDAP, and Kerberos.
• Experience implementing identity lifecycle automation and provisioning frameworks.
• Experience with privileged access management concepts and technologies.
• Experience supporting hybrid environments integrating on premises Active Directory with Entra ID.

Preferred Education, Experience, Certification/Licensure

• Industry certifications such as CISSP, CISM, Microsoft Identity and Access Administrator, or relevant IAM certifications.
• Experience with identity governance and administration platforms.
• Experience in regulated environments aligned to SOX, HIPAA, PCI DSS, or NIST frameworks.
• Experience with secrets management and vault technologies.
• Experience with scripting or automation using PowerShell, Python, or similar tools.

KNOWLEDGE, SKILLS AND ABILITIES (KSAs)

• Deep expertise in identity security, zero trust architecture, and access governance frameworks.
• Strong understanding of AWS IAM concepts including roles, policies, trust relationships, and cross-account access.
• Knowledge of cloud identity patterns including federated access and workload identity in AWS.
• Strong knowledge of modern authentication and access controls, including MFA, passwordless, API security, and service-to-service authentication.
• Ability to design scalable IAM architectures and operating models supporting both human and non-human identities across distributed environments.
• Strong analytical, problem-solving, and process design skills, with the ability to translate complex requirements into standardized procedures and runbooks.
• Effective communication, documentation, and stakeholder management skills, with the ability to drive accountability and consistency across teams.