Key skills
IAM architectureauthentication protocolsenterprise IAM platformscloud platformsidentity governanceprivileged access managementlifecycle automationrisk managementzero trust architectureCISSP certificationAIGenerative AIClaudeGeminiAWSAzureGCPVaultIAMEntra IDOAuthOktaSAMLLDAPActive DirectorySSOCI/CDRisk ManagementProblem SolvingZero Trust
About this role
Model N is the leader in revenue optimization and compliance for pharmaceutical, medtech, and high-tech innovators. They are seeking a Principal Information Security Engineer to lead their Identity and Access Management (IAM) program and contribute to broader information security initiatives. The role involves shaping secure access for users and systems, overseeing IAM solutions, and collaborating across teams to enhance the organization's security posture.
Responsibilities:
- Define the IAM roadmap and ensure alignment with security, compliance, and business needs
- Design and maintain enterprise IAM architectures for workforce, partners, and customers
- Lead initiatives related to authentication, authorization, identity governance, and privileged access
- Contribute to enterprise security architecture standards beyond IAM, with identity as a foundational control
- Set standards for identity lifecycle management, directory services, federation, and access controls
- Drive implementation of modern IAM capabilities such as SSO, MFA, password less authentication, SCIM, role-based access, and just-in-time access
- Oversee integration of cloud and on-prem applications using SAML, OIDC, and OAuth
- Evaluate tools, guide vendor selection, and manage technical relationships
- Develop reusable patterns, reference architectures, and security guidance for development teams
- Partner with engineering to embed IAM and security controls into CI/CD pipelines and cloud platforms
- Design and govern enterprise identity architecture across AWS, Okta, Entra ID, Active Directory, and hybrid environments
- Enforce least-privilege access using federation, roles, conditional access, and zero trust principles
- Architect secure access for cloud workloads, eliminating long-lived credentials and unmanaged identities
- Secure non-human identities, service accounts, APIs, and automation using scoped roles, ownership models, and rotation policies
- Design and operate centralized secrets and key management solutions using KMS, Vault, and PAM platforms
- Centralize identity logging, monitoring, and response for authentication and authorization events
- Support security operations by improving access-focused detection, alerting, and incident response workflows
- Establish access policies, role models, and attestation processes
- Ensure IAM and access controls meet regulatory, audit, and internal security expectations
- Provide oversight for provisioning, deprovisioning, and access escalation processes
- Guide monitoring and tuning of identity and security services to meet availability and performance targets
- Mentor IAM and security engineers and influence cross-functional teams
- Work closely with security, infrastructure, application owners, risk, and compliance partners
- Communicate technical and security concepts clearly to both technical and non-technical audiences
- Support incident response activities when identity or access systems are involved
Requirements:
- Strong background in IAM architecture and engineering within a broader information security context
- Solid understanding of core information security principles, risk management, and control design
- Expertise with authentication and authorization protocols including SAML, OIDC, OAuth, LDAP, and Kerberos
- Experience with enterprise IAM platforms such as Entra ID, Okta, or similar
- Strong understanding of cloud platforms such as AWS, Azure, or GCP
- Demonstrated experience using generative AI tools (e.g., ChatGPT, Copilot, Claude, Gemini) to improve productivity, decision‑making, or problem solving in a professional or personal context
- Hands-on experience with identity governance, privileged access, and lifecycle automation
- Ability to lead complex initiatives and work effectively with diverse stakeholders
- Experience in regulated environments such as finance, healthcare, or government
- Familiarity with zero trust architectures and modern enterprise security models
- Certifications such as CISSP, CCSP, or vendor-specific IAM certifications
- Experience with IGA, PAM, CIEM, or customer identity platforms