Jobs · Education · New York

Principal IAM Lead

DriveWealth · New York, NY · Today
HybridEducation$155k–$175k/yrFull-time

About the role

This is a senior, hands-on technical leadership role for someone who lives at the intersection of identity architecture, security engineering, and platform administration. You will serve as the subject matter expert for our Okta and Auth0 environments, driving secure, scalable, and well-governed identity solutions across the organization.

Responsibilities

  • Serve as the principal administrator and subject matter expert for Okta, including SSO and SCIM integrations, Okta Workflows, and Okta Identity Governance (OIG)
  • Design, build, and maintain group rules and access policies that support least-privilege and lifecycle management
  • Manage Okta licensing, entitlements, and platform capacity planning
  • Demonstrate deep expertise on how authentication rules (MFA policies, sign-on policies, adaptive authentication, risk-based policies, etc.) are applied within Okta, and update and tune these policies as business and security needs evolve
  • Maintain strong working knowledge of the Auth0 platform, including tenants, rules/actions, and application configurations
  • Create, configure, and troubleshoot Identity Provider (IdP) connections across all major IdP types (SAML, OIDC, social, enterprise directories, etc.)
  • Diagnose and resolve authentication and federation issues across integrated applications
  • Leverage Okta, Auth0, and related APIs to automate identity workflows, integrations, and reporting
  • Troubleshoot and build API-based solutions to extend platform capabilities beyond native UI functionality
  • Configure and manage SSO connections for external clients and enterprise customers, acting as the primary technical point of contact for partner-side IT/security teams during setup
  • Gather and validate partner IdP metadata (OIDC) and configure corresponding Auth0 connections
  • Test and troubleshoot partner SSO connections end-to-end prior to go-live, resolving certificate, attribute mapping, and claims issues
  • Maintain documentation and a repeatable onboarding process for bringing new clients onto SSO
  • Collaborate with cloud infrastructure teams to align identity governance across on-prem, SaaS, and cloud environments
  • Apply working knowledge of AWS and AWS Identity Center (formerly AWS SSO) to support cloud identity federation and access management
  • Secure access to AI/ML platforms, tools, and resources, including LLM APIs, AI agents, and machine-to-machine authentication for AI-driven services
  • Apply IAM governance principles (least privilege, lifecycle management, auditing) to non-human identities and AI agents to mitigate emerging risks such as over-privileged connectors or unauthorized data access
  • Partner with engineering and security teams to define access and authentication standards for internally built and third-party AI tooling
  • Act as a trusted advisor to security, IT, and application teams on identity best practices and architecture decisions
  • Map IAM controls to compliance and Zero Trust frameworks (e.g., SOC 2, ISO 27001, NIST) in partnership with GRC teams
  • Mentor junior IAM engineers and contribute to the long-term IAM roadmap
  • Document standards, runbooks, and processes to mature the IAM program
  • Own vendor relationships and roadmap discussions with Okta, Auth0, and related identity vendors

Requirements

The ideal candidate has deep platform-level expertise, strong troubleshooting instincts, and the confidence to make and defend changes to authentication and security policies that affect the entire company.

Qualifications

  • Extensive hands-on experience administering Okta at an enterprise level, including SSO/SCIM, Okta Workflows, and Okta Identity Governance
  • Strong, demonstrable experience with Auth0, including IdP connection creation and troubleshooting across major identity providers
  • Solid understanding of authentication and authorization concepts (SAML, OIDC, OAuth 2.0, MFA, adaptive/risk-based policies)
  • Practical experience consuming and integrating with REST APIs for automation and troubleshooting
  • Familiarity with directory services (Active Directory, Entra ID) and how they integrate with Okta/Auth0
  • Strong troubleshooting skills and comfort making high-impact changes to production authentication systems
  • Excellent communication skills, with the ability to translate technical identity concepts for both technical and non-technical stakeholders

Special Knowledge (Nice to Have, But Not Required)

  • Relevant certifications (Okta Certified Consultant/Administrator, AWS certifications, CISSP, etc.)
  • Experience mapping IAM controls to compliance frameworks (SOC 2, ISO 27001, NIST)
  • Understanding of privileged access management (PAM) and non-human identity governance (service accounts, API keys, secrets rotation)

Similar jobs