Lead Cloud Identity Engineer
Koch Business Solutions, LP
Wichita, United States of America
9 days ago
Role details
Contract type: Permanent contract
Employment type: Full-time (> 32 hours)
Working hours: Regular working hours
Languages: English
Experience level: Senior
Job location: Wichita, United States of America
Tech stack
API
Amazon Web Services (AWS)
Automation of Tests
Azure
Continuous Integration
Human Resources Information System (HRIS)
Identity and Access Management
Python
Kerberos (Protocol)
Lightweight Directory Access Protocols (LDAP)
OAuth
OpenID
Role-Based Access Control
Zero Trust Network Access
Security Assertion Markup Language (SAML)
Security Information and Event Management
TypeScript
Data Logging
Google Cloud Platform
Okta
Power Platform Integration
Git
Customer Identity Access Management
SailPoint
Software Coding
Terraform
Software Version Control
API Management
Job description
- Set IAM architecture & standards: Define reusable patterns for SSO/federation, authorization models, privileged access, and workload/machine identity.
- Lead design governance: Run identity design reviews for new applications and major platform changes; approve patterns, manage exceptions, and drive adoption.
- Build authentication & federation: Design and implement SAML2, OAuth2/OIDC, WS-Fed, and FIDO2/passkeys, including adaptive/risk-based auth, conditional access, and MFA.
- Engineer IAM platforms: Operate and enhance enterprise identity services (PingOne / PingOne DaVinci or equivalent orchestration platforms).
- Lead developer for IAM platforms: Serve as lead developer driving hands-on code development to build, extend, and maintain new and existing identity platforms, including custom connectors, APIs, and orchestration flows.
- Design authorization & governance: Build scalable RBAC/ABAC/PBAC models, entitlement catalogs, role engineering, and access request workflows (IGA).
- Automate identity lifecycle: Lead and design end-to-end JML automation integrating HRIS, ITSM, directories, and apps via SCIM and event-driven pipelines.
- Identity as Code: Manage identity configuration/policy using Terraform and CI/CD with testing, version control, and deployment discipline.
- Zero Trust & Detection: Implement least privilege and continuous verification; integrate ITDR-style monitoring, logging, alerting, SLOs, and rapid revocation.
- Incident leadership: Act as escalation for auth outages, federation issues, and credential compromise; lead RCA and post-incident hardening.
- Influence & mentoring: Partner globally with architects, developers, and security; coach engineers through reviews, playbooks, and training.
Requirements
- Extensive experience owning identity platforms at scale, with deep protocol-level expertise across SAML, OAuth2/OIDC, SCIM, FIDO2/passkeys, LDAP, and Kerberos.
- Hands-on architecture across Azure Entra ID, AWS IAM, or Google Cloud Identity, including cross-cloud federation and hybrid identity patterns.
- Practical experience designing and building infrastructure across Azure, AWS, or GCP.
- Strong coding skills in Python and/or TypeScript, with API integrations, Git, CI/CD, and automated testing. Delivery of identity configuration as versioned, testable code using Terraform or similar technologies.
- Hands-on experience integrating diverse applications with enterprise governance platforms; design and delivery of JML automation, RBAC/ABAC/PBAC models and access workflows integrating HRIS, IAM, and downstream apps via SCIM and event-driven pipelines.
- Experience building multi-step user journeys for Workforce, CIAM, and partner ecosystems using platforms such as PingOne DaVinci or Okta Workflows.
- Hands-on development and design experience with SailPoint IdentityNow/IdentityIQ (or equivalent).
- Real-time detection and response to identity-based threats, integrating signals from IdPs, directories, and SIEM/SOAR platforms.
About the company
We have an exciting opportunity to hire a Lead Cloud Identity Engineer to join our already skilled engineering team. This individual will be a part of a global team that manages authentication and identity tools and procedures for Koch Industries. Working closely with global colleagues, as well as customers, will provide significant global exposure.
Our Team
The Koch Technology Identity team provides modern Identity solutions and services for all Koch businesses. We are responsible for the entire enterprise in designing innovative services, creating and sharing best practices, and providing support for our services.
All Koch companies value diversity of thought, perspectives, aptitudes, experiences, and backgrounds. We are Military Ready and Second Chance employers. Learn more about our hiring philosophy here.
Koch creates and innovates a wide spectrum of products and services that make life better. Our work spans a vast number of industries across the world, including engineered technology, refining, chemicals and polymers, pulp and paper, glass, electronics and many more. Headquartered in Wichita, Kansas, Koch employs about 120,000 employees across the globe.
At Koch, employees are empowered to do what they do best to make life better. Learn how our business philosophy helps employees unleash their potential while creating value for themselves and the company.