Lead Identity & Application Security Engineer

Athene Annuity and Life Company
West Des Moines, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

West Des Moines, United States of America

Tech stack

JavaScript
API
Artificial Intelligence
Amazon Web Services (AWS)
Application Integration Architecture
Azure
Cloud Computing
Cloud Computing Security
Cloud Engineering
Computer Security
Information Systems
Multi-Factor Authentication
Github
Identity and Access Management
Python
Key Management
OAuth
OpenID
Open Web Application Security
Public Key Infrastructure
Systems Development Life Cycle
Role-Based Access Control
Openid Connect
Azure
Security Assertion Markup Language (SAML)
Systems Integration
TypeScript
Policy as Code
SSL Certificate Management
Okta
Cyberark
Software Security
Cloudformation
Information Technology
SailPoint
Terraform
Security Orchestration, Automation & Response
Static Application Security Testing
Go
Dynamic Application Security Testing

Job description

Athene is seeking a Lead Identity & Application Security Engineer to help shape the future of secure software delivery across the enterprise. This role sits at the intersection of identity engineering and application security-two disciplines built on the shared foundations of authentication, authorization, cryptography, secure APIs, and modern cloud identity., * Design, build, and maintain reusable identity and application security capabilities-including identity-as-code patterns, policy-as-code guardrails, security libraries, developer self-service capabilities, and integrations between security platforms.

  • Lead the engineering and automation of AWS and Azure identity services, including IAM, federated identities, workload identities, permissions boundaries, Azure RBAC, privileged access, secrets management, and Infrastructure as Code.
  • Architect and operate enterprise authentication and authorization platforms including Okta and Microsoft Entra ID, implementing SSO, MFA, Conditional Access, application integrations, privileged identity management, and modern access controls.
  • Establish scalable identity frameworks for non-human identities, machine identities, and AI agents, including secure credential issuance, lifecycle management, certificate automation, and workload authentication.
  • Partner with engineering teams to embed secure authentication, authorization, API security, and secure design patterns into software throughout the SDLC by performing threat modeling, architecture reviews, security testing, and remediation guidance.
  • Serve as a technical leader across the Information Security organization by developing automation, integrating security tools, advancing the Security Guardians program, mentoring teammates, and driving innovation through AI-enabled engineering and continuous improvement.

Requirements

  • 6+ years of experience in identity security, application security, cloud security, software security engineering, or relevant experience.
  • Deep expertise designing and implementing authentication and authorization solutions using OAuth 2.0, OpenID Connect (OIDC), SAML, JWT, mTLS, PKI, certificate management, secure API authentication, and modern identity architecture.
  • Extensive hands-on experience securing AWS and Azure environments, including AWS IAM, Azure RBAC, cloud secrets management, privileged access, Infrastructure as Code (Terraform and/or CloudFormation), CI/CD pipelines, and security automation using Python, Go, JavaScript, or TypeScript.
  • Experience designing and securing enterprise identity platforms including Okta, Microsoft Entra ID, SailPoint, CyberArk, GitHub Advanced Security, API security platforms, or comparable technologies.
  • Strong understanding of secure software development practices, OWASP Top 10, threat modeling, secure design reviews, SAST, DAST, Software Composition Analysis (SCA), API security testing, and secure software architecture.
  • Demonstrated ability to influence engineering teams through technical leadership, consultative partnership, critical thinking, creativity, and a bias for action. Embraces emerging technologies-including AI-to automate security operations, improve developer experience, and continuously strengthen security capabilities.
  • Bachelor's degree in Computer Science, Cybersecurity, Information Systems, Engineering, or equivalent professional experience.

Drive. Discipline. Confidence. Focus. Commitment. Learn more about working at Athene.

About the company

We are driven to do more. More for our customers and the financial professionals who offer our products. If you are driven to do more and love the challenge of pursuing more, Athene is your kind of company. You will find we offer more than the basics to create an inclusive and dynamic work environment at our various locations.

Apply for this position