Principal Identity Engineer - Cloud IAM / CIAM (Remote)
First American Financial Corp.
- Remote job
What We Do We are open to remote or hybrid candidates for this role. As a Principal Identity Engineer, you will own the technical strategy, architecture, and engineering execution for enterprise Identity and Access Management (IAM) across First American’s cloud and hybrid environments. This role is central to strengthening our security posture by delivering secure, scalable identity capabilities across our cloud environments (Azure AD/AWS/GCP). You will lead workforce IAM, partner/federation (B2B), and customer identity (CIAM) architecture where applicable; establish Zero Trust identity controls; and set enterprise standards for IAM-as-code using Terraform + GitHub with automation in Python/Bash/JSON. What You’ll Do Own the enterprise IAM strategy and target-state architecture across Microsoft Entra, AWS, and Google Cloud (OCI a plus). Define secure, scalable identity patterns for workforce, partner, and customer access that align with security, risk, and compliance requirements. Design and operationalize a Zero Trust identity model with continuous verification, risk-based access, and adaptive authentication. Reduce standing privilege through least privilege design, just-in-time (JIT) access, and standardized entitlement models. Hands‑on design and delivery of IAM capabilities including SSO, MFA, identity lifecycle, federation, and privileged access across cloud and hybrid environments. Lead modernization efforts, including migration from hybrid Active Directory to Entra ID–based authentication. Design and evolve customer identity (CIAM) solutions supporting web, mobile, and API platforms. Balance security, privacy, performance, and customer experience while enabling scalable enterprise integrations. Establish IAM governance frameworks covering access lifecycle, RBAC/ABAC models, access reviews, and audit evidence. Define measurable controls, documentation standards, and recurring review processes to ensure audit readiness. Define and lead an enterprise IAM-as-Code program using Terraform and GitHub. Build reusable, versioned modules and establish PR‑based workflows with auditability, approvals, and security guardrails. Engineer secure CI/CD pipelines for IAM deployments, including validation, testing, approvals, drift detection, and rollback strategies. Ensure reliable, auditable identity changes with operational monitoring and clear runbooks. Develop automation in Python, Bash, and JSON to scale identity operations and reduce manual risk. Support policy management, bulk changes, integrations, and identity‑related incident response and diagnostics. What You’ll Bring Deep hands‑on experience designing and operating identity platforms at scale in complex environments. Advanced expertise across Microsoft Entra ID, AWS IAM, and Google Cloud IAM, with OCI experience a plus. Proven ability to design cloud‑agnostic IAM models and implement them consistently across platforms. Strong background in IAM security architecture, governance, and risk‑based access controls. Hands‑on experience with least privilege design, JIT access, Zero Trust identity, and RBAC/ABAC models. Expert knowledge of OAuth 2.0, OpenID Connect, and SAML. Proven experience delivering enterprise‑scale SSO and MFA solutions. Demonstrated experience establishing IAM‑as‑Code using Terraform with GitHub‑based change control. Strong scripting and automation skills in Python, Bash, and JSON, including CI/CD and guardrail design. Experience architecting and operating customer identity platforms for portals, mobile apps, and APIs. (preferred) Ability to communicate complex identity concepts to both technical and non‑technical audiences. Strong influence, documentation, and execution skills at the principal or senior architect level. Relevant security or identity certifications such as CISSP or identity‑focused credentials. Bachelor’s degree or equivalent experience, with extensive background in enterprise security engineering. Note that the following statements only apply to candidates who will be working from an unincorporated area within Los Angeles County. First American will consider for employment all qualified applicants, including those with arrest or conviction records, in a manner consistent with the requirements of applicable state and local laws (e.g., the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act). First American intends to conduct a review of an applicant’s criminal history in connection with a conditional offer. First American reasonably believes that a criminal history may have a direct, adverse and negative relationship with the following material job duties for this position potentially resulting in the withdrawal of the conditional offer of employment: handling of confidential, proprietary or trade secret information belonging to First American or its customers, administrating or facilitating financial transactions, and the ability to meet customer‑imposed criminal history requirements. What We Offer We are proud to foster an authentic and inclusive workplace for all. Based on eligibility, First American offers a comprehensive benefits package including medical, dental, vision, 401k, PTO/paid sick leave and other benefits such as an employee stock purchase plan. #J-18808-Ljbffr First American Financial Corp.
- ...company is seeking a Software Engineer for its Identity Infrastructure Engineering... ...critical systems across multiple cloud environments. Key responsibilities include developing IAM platform features, driving... ...allows for hybrid or remote work. #J-18808-Ljbffr OpenAIRemote job
- First American Financial Corp. is seeking a Principal Identity Engineer to lead the IAM strategy and architecture across cloud environments. This role involves the implementation... ...and Terraform. This position is open to remote or hybrid candidates. #J-18808-Ljbffr First...Remote work
$152.4k - $251.6k
...Cancer Center (MSK) is seeking a Principal Cyber Security Engineer for Identity and Access Management (IAM). This role serves as a... ...background in SAML, OAuth, and cloud architectures. The position allows... ...for hybrid work—primarily remote with occasional visits to NYC....Remote job$153k - $273.46k
Job Requisition ID # 26WD96445 Sr. Principal IAM Security Engineer Location: Remote Eligible Team: Cyber Defense -... ...strategy and execution for modern Identity and Access Management across human... ...bots, and automation accounts across cloud, CI/CD, and runtime environments....Remote work$152.4k - $251.6k
...Exciting Opportunity at MSK: Principal Cyber Security Engineer - Identity Access Management (IAM) At MSK, this role serves as a... ...Risk Advanced experience with cloud identity architectures in Azure... ...Friday Location: Hybrid: 99% remote with flexibility to come to NYC...Remote workLive inMonday to Friday- ...is the first AI-native identity security platform that... ...a Director of Security Engineering to lead and scale our security... ...architecture across cloud infrastructure,... ...Experience at an identity, IAM, or security vendor Background... ..., San Francisco, or remote. Comprehensive benefits...Remote workFlexible hours
- MAXAR TECHNOLOGIES, INC. is seeking an experienced Identity and Access Management (IAM) Engineer for a remote role. This position involves leading the in-sourcing of IAM services and the design of governance aligned with cybersecurity frameworks. The ideal candidate has...Remote job
- ...Principal Cloud Engineer Greystar is a leading, fully integrated global real estate platform offering... ...understands foundational principles - IAM, virtual networking, DNS, load... ...anticipating common needs - networking, identity, secrets, deployment, observability -...Remote work
$244k - $335.5k
...best and the brightest, we invite you to join us! This role is remote, but distance is no barrier to impact. Our hybrid teams... ...your work truly matters. Job Summary As Sr. Manager, Platform Engineering, Identity, you will lead the execution layer of the Identity Domain Consulting...Remote workVisa sponsorshipWork visa- ...Principal Platform Engineer Remote Bulgaria Point Wild helps customers monitor, manage... ...associated with their identities and personal information in... ...Production ML platform on Google Cloud. In this role, you will be... ...with GCP (VPC-SC, IAM, Organization Policies) and...Remote workImmediate startShift work
$200k - $225k
A digital identity solutions company seeks a Principal Forward Deployed Engineer to lead technical strategies and architect solutions for public sector deployments. The... ...of $200,000 - $225,000 annually and is fully remote within the US. Join a team committed to transformative...Remote job$118k - $196k
Identity & Cloud Engineer (Multi-Cloud Expertise)Skip to main contentWe use cookies on this site with... ...GA, Atlanta: US - MD, Rockville: US - Remote (Any location)time type: Full timeposted... ....Identity and Access Management (IAM)* Design and manage IAM policies and roles...Remote workTemporary workWork experience placementWork at officeLocal areaFlexible hours- Palo Alto Networks, Inc. is seeking a Sr. Manager, Platform Engineering, to lead the execution layer for the Identity Domain. In this role, you will ensure high-quality product representation and manage a team of Platform Engineers while interfacing with Product Management...Remote job
$118.8k - $205.6k
...team and the role: The Identity & Access Management / Cloud Security team protects... ...evolve real-time authorization engines and risk-adaptive access... ...on access management, IAM, or security-focused systems... ...performance, and market factors. Remote roles are not eligible for...Remote workFull timeImmediate start$174k - $312.18k
## Director, IAM EngineeringApplylocations: San Francisco... ...USA: Tennessee, USA - Remote: North Carolina, USA -... ...*Autodesk’s Enterprise Identity Services team is... ...for a **Director, IAM Engineering** to lead the strategy... ...human identities** across cloud, CI CD, platform, and runtime...Remote workWork at office$115.4k - $192.3k
...We are open to hiring on a remote basis in the United States,... ...About the Role As a Consulting Principal AWS Cloud Engineer, you will design, build,... ..., including EC2, S3, VPC, IAM, Lambda, RDS/Aurora, EKS, CloudWatch... ..., networking, storage, identity, containers, serverless,...Remote workTemporary workLocal areaImmediate startFlexible hours- Nalley Consulting is seeking a mid-level IAM Engineer to join their team at SOUTHCOM HQ in Doral, FL. The ideal candidate will design and manage Identity and Access Management solutions to ensure secure authentication and access control across diverse environments. This...
- Barbaricum is seeking an IAM Engineer in Tampa, Florida to design and manage secure Identity and Access Management solutions. The role involves ensuring secure authentication... ...will have experience in IAM frameworks across cloud environments like AWS and Azure, along with a...
- Apex Fintech Solutions UK Ltd. is looking for a Senior Identity Access Management Engineer in Austin, Texas. This role will lead the administration of IAM solutions, focusing on improving and maintaining identity-related systems to enhance operational efficiency. The ideal...
$107.5k - $204.5k
Senior Platform Engineer - Remote, U.S.-based position within Collins Aerospace’s... ...and data pipelines Strengthen AWS IAM, networking, and connectivity between cloud and on‑prem systems Support... ...sex, sexual orientation, gender identity, national origin, age, disability...Remote job$150k - $210k
A prestigious Am Law 50 firm is looking for a Manager, Cybersecurity - IAM to lead their IAM and Identity Governance & Administration initiatives. This fully remote role offers a base salary ranging from $150,000 to $210,000 per year. The ideal candidate will have over...Remote work- A leading healthcare organization is seeking a Manager of IAM Engineering to lead the Identity and Access Management engineering function. The role involves setting technical direction, overseeing IAM initiatives, and ensuring secure identity solutions. Candidates should...
- ...leading data management firm is looking for an Identity Data Analyst & Tester to support... ...purposes. Candidates should have experience in IAM and be able to work independently in a... ...environment. The position offers onsite, remote, or hybrid work options. #J-18808-Ljbffr...Remote work
$181.3k - $261k
...Data and AI platform in the world. Identity and Access Management (IAM) is at the heart of this mission, ensuring... ...right time. We are looking for an Engineering Manager to lead our IAM team and... ...authorization, and identity management at cloud scale. Define and drive the...Local area$190k - $261.25k
A leading data and AI platform provider is seeking an experienced Engineering Manager to lead their Identity and Access Management team. This role involves defining the IAM strategy, managing a high-performing team, and ensuring the security and performance of the platform...- ...WesBanco Bank Inc. is seeking an Identity & Access Management Analyst Level 2 to work remotely from Uniontown, Ohio. This position is responsible for managing identity... ...efficient access provisioning, and configuring IAM products. The ideal candidate will have an Associate...Remote work
- ...The Superintelligence Cloud, is a leader in AI cloud... ...is currently Tuesday. Engineering at Lambda is responsible... ...to Have Experience with IAM, authentication/... ...Experience managing a remote, distributed team Salary... ...sexual orientation and identity, genetic information, veteran...Remote workFull timeTemporary workWork at officeLocal areaWork from homeFlexible hours
$200k - $300k
Senior Engineering Manager page is loaded## Senior Engineering Managerremote... ...: Fully Flexiblelocations: Remote, Wisconsin, United States... ...lead our team focused on cloud governance, IAM, secrets management and... ..., age, sex, gender, gender identity, gender expression, sexual...Remote workWork at office$184k - $230k
...employment Visa sponsorship. Overall Purpose As a Principal Engineer in the Identity and Access Management (IAM) team, you will play a pivotal role in designing,... ...~ Relevant certifications such as PCI, CIAM, CompTIA Security+, CISSP, CISM, or CISA are a plus...Hourly payFor contractorsWork experience placementWork at officeImmediate startVisa sponsorshipWork visaFlexible hours- ...Rockville, Maryland, is seeking a highly skilled professional to lead Identity and Access Management (IAM) initiatives. In this role, you will develop custom solutions within SailPoint platforms and build cloud automation using Python and PowerShell. Ideal candidates should...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Principal Identity Engineer - Cloud IAM / CIAM (Remote). Be the first to apply!
- principal developer Oklahoma City, OK
- engineering director Oklahoma City, OK
- principal data engineer Oklahoma City, OK
- senior chief engineer Oklahoma City, OK
- chief engineer Oklahoma City, OK
- data center chief engineer Oklahoma City, OK
- civil engineer project manager Oklahoma City, OK
- senior civil engineer project manager Oklahoma City, OK
- director systems engineering Oklahoma City, OK
- director data engineering Oklahoma City, OK


