Principal Security Engineer – Identity & Access

Engineer the Identity Lifecycle (JML & SoD): Take on our workforce identity and access ecosystem. You will engineer a highly automated Joiner-Mover-Leaver (JML) machine, implementing robust access certifications, Separation of Duties (SoD), and unified IGA frameworks that scale with our hyper-growth.

Federation, Zero Trust & Integration: Design and scale our authentication and authorization foundations across cloud, SaaS, and on-premise environments. You will lead identity federation leveraging SAML, OAuth2, OpenID Connect, and SCIM, while driving the adoption of Zero Trust architecture and Adaptive MFA across the enterprise.

M&A & Enterprise Transformation: As a rapidly expanding global fintech, we acquire and scale. You will lead the identity integration strategy for mergers, acquisitions, and massive enterprise transformation initiatives, securely and seamlessly folding new organizations into our identity ecosystem.

Zero-Ego Execution: As a senior technical anchor on the team, you lead by example. You will get your hands dirty. You will configure the integrations, write the RBAC policies, engineer the IGA platforms, and untangle access flows yourself.

Codify Governance & Shift Left: You will design self-service identity workflows, automated controls, and identity KPIs that force business leaders (the first line of defense) to explicitly own and accept their access risks. You translate written compliance policies into code.

Be the IAM Diplomat: When you change how developers and commercial teams authenticate, there is always friction. You will be a key face of our identity transformation. You must have the extreme patience, persistence, and EQ to negotiate with engineering directors, bringing them along and enforcing security without alienating them.

Resilient Problem Solver: You don't get stuck. Where others see a messy legacy setup, you see an exciting puzzle. You don't get paralyzed or frustrated by organizational friction; you thrive on using the latest technologies and original thinking to solve long-standing identity problems.

Track Record Over Tenure: We do not care about arbitrary "years of experience." We care about outcomes. You must have a proven track record of designing, building, or scaling Identity and Access programs in fast-paced, complex environments.

Deep IGA & Protocol Expertise: You possess solid, hands-on experience with modern workforce identity systems, lifecycle processes (JML, SoD, Certifications), protocols (SAML, OIDC, OAuth2, SCIM), RBAC/ABAC models, and enterprise identity platforms (e.g., SailPoint, Saviynt, Okta).

Pragmatic Operator Mindset: You understand that security cannot kill velocity. You know how to find the critical balance between enforcing strict, least-privilege security and maintaining high usability for the business.

Disciplined Multi-Threading: You are ruthlessly organized, capable of driving an enterprise identity strategy while simultaneously troubleshooting an immediate, ground-level access escalation.

Force Multiplier: You elevate the engineers around you. You bring strong mentoring, leadership, and documentation capabilities, ensuring that the systems you design are highly scalable, well-understood, and easily maintained by the wider organization.

Experience navigating the identity and access requirements of highly regulated environments (PCI-DSS, SOX, SOC 2).

Familiarity with machine identity governance, secrets management, and API access.

Relevant industry certifications demonstrating your dedication to the identity domain.