Lead Identity & Application Security Engineer
Role details
Job location
Tech stack
Job description
Athene is seeking a Lead Identity & Application Security Engineer to help shape the future of secure software delivery across the enterprise. This role sits at the intersection of identity engineering and application security-two disciplines built on the shared foundations of authentication, authorization, cryptography, secure APIs, and modern cloud identity., * Design, build, and maintain reusable identity and application security capabilities-including identity-as-code patterns, policy-as-code guardrails, security libraries, developer self-service capabilities, and integrations between security platforms.
- Lead the engineering and automation of AWS and Azure identity services, including IAM, federated identities, workload identities, permissions boundaries, Azure RBAC, privileged access, secrets management, and Infrastructure as Code.
- Architect and operate enterprise authentication and authorization platforms including Okta and Microsoft Entra ID, implementing SSO, MFA, Conditional Access, application integrations, privileged identity management, and modern access controls.
- Establish scalable identity frameworks for non-human identities, machine identities, and AI agents, including secure credential issuance, lifecycle management, certificate automation, and workload authentication.
- Partner with engineering teams to embed secure authentication, authorization, API security, and secure design patterns into software throughout the SDLC by performing threat modeling, architecture reviews, security testing, and remediation guidance.
- Serve as a technical leader across the Information Security organization by developing automation, integrating security tools, advancing the Security Guardians program, mentoring teammates, and driving innovation through AI-enabled engineering and continuous improvement.
Requirements
- 6+ years of experience in identity security, application security, cloud security, software security engineering, or relevant experience.
- Deep expertise designing and implementing authentication and authorization solutions using OAuth 2.0, OpenID Connect (OIDC), SAML, JWT, mTLS, PKI, certificate management, secure API authentication, and modern identity architecture.
- Extensive hands-on experience securing AWS and Azure environments, including AWS IAM, Azure RBAC, cloud secrets management, privileged access, Infrastructure as Code (Terraform and/or CloudFormation), CI/CD pipelines, and security automation using Python, Go, JavaScript, or TypeScript.
- Experience designing and securing enterprise identity platforms including Okta, Microsoft Entra ID, SailPoint, CyberArk, GitHub Advanced Security, API security platforms, or comparable technologies.
- Strong understanding of secure software development practices, OWASP Top 10, threat modeling, secure design reviews, SAST, DAST, Software Composition Analysis (SCA), API security testing, and secure software architecture.
- Demonstrated ability to influence engineering teams through technical leadership, consultative partnership, critical thinking, creativity, and a bias for action. Embraces emerging technologies-including AI-to automate security operations, improve developer experience, and continuously strengthen security capabilities.
- Bachelor's degree in Computer Science, Cybersecurity, Information Systems, Engineering, or equivalent professional experience.
Drive. Discipline. Confidence. Focus. Commitment. Learn more about working at Athene.