Define and drive the platform IAM and authorization strategy, including a unified control plane that supports products at different maturity levels and hybrid/disconnected environments
Be embedded with product and platform teams long enough to shape implementation outcomes and iterate on designs through delivery
Architect and review secure identity and authorization systems for cloud (AWS/Azure/GCP), hybrid, and on‑prem deployments: OAuth/OIDC flows, token architecture, RBAC/ABAC/ABAC+RBAC hybrids, delegated authorization, and service‑to‑service auth
Build practical, production‑oriented threat models and trade‑off analyses that account for real constraints (latency, offline operation, regulatory and customer environments)
Provide hands‑on technical leadership: review code and design artifacts, validate authentication/authorization flows, influence SDKs and libraries used by teams, and guide secure integration patterns beyond hyperscaler defaults
Influence and shepherd adoption: create pragmatic patterns, reference implementations, APIs, SDKs, and migration guides; secure alignment with engineering leaders and product teams
Mentor and guide engineers and security technologists through design sessions, architecture reviews, and implementation checkpoints
Lead through technical credibility
Contribute architectural input to detection, response, and operational security by surfacing IAM risk scenarios and failure modes
Prioritize pragmatic, incremental delivery, and deliver usable capabilities that improve security posture while minimizing disruption to customers and teams
Requirements
15+ years of hands‑on experience building, securing, or leading security platforms, products, or services
Proven experience implementing or modernizing IAM systems using OAuth/OIDC, JWT/token architectures, RBAC and ABAC (or hybrid) implementations
Strong leadership skills with a history of mentoring and managing technical teams in complex, ambiguous environments
Strong experience with at least one major cloud (AWS, Azure, GCP) and working knowledge of hybrid/disconnected/on‑prem constraints
Demonstrated ability to read and analyze code and libraries that implement auth flows and security controls
Deep understanding of cloud‑native security architectures, application/service security, and identity & access management principles (OIDC, OAuth2, SAML, Zero Trust)
Practical experience with secret management, KMS, identity providers, service mesh auth patterns, and policy enforcement points
Hands‑on experience with threat modeling, secure design, and pragmatic DevSecOps practices that materially affect product security
Track record of influencing engineering outcomes across large organizations through technical authority and clear practical guidance
Comfortable with ambiguity and trade‑offs; able to choose and deliver the right security solutions in complex, constrained environments