Key skills
Identity and Access Management (IAM)Microsoft Entra IDOktaPingForgeRockSailPointSaviyntCyberArkDelineaHashiCorp VaultAuth0PingOneSAMLOAuth2.0OIDCSCIMRESTful APIsActive DirectoryLDAPAzureAWSGCPZero Trust architecturePowerShellPythonJavaCISSPCCSPAWS Certified Security – SpecialtyAIAgenticVaultIAMEntra IDRESTfulSaaSLeadershipCommunicationCloud SecurityZero Trust
About this role
Lennar is one of the nation's leading homebuilders, dedicated to making an impact and creating an extraordinary experience for their Homeowners, Communities, and Associates. The Principal Security Engineer is responsible for driving the overall security strategy of the organization, focusing on designing security solutions and leading responses to complex security challenges.
Responsibilities:
- Define and lead the implementation of the organization’s security strategy, with a focus on Cloud Security, Identity Access Management, and all other aspects of Cybersecurity
- Architect and oversee the deployment of IAM solutions across both on-premise and cloud environments, ensuring they meet the highest standards of security
- Lead the most complex security assessments, including threat modeling, red teaming, and cloud security reviews
- Collaborate with executive leadership to ensure that security initiatives align with the organization’s strategic goals and risk appetite
- Act as the technical lead for large-scale security projects, coordinating cross-functional teams to ensure successful delivery
- Architect and implement solutions across workforce IAM, PAM, and customer IAM ecosystems
- Provide thought leadership in adopting passwordless authentication, passkeys, adaptive MFA, and AI-driven access orchestration strategies
- Engineer integrations with Agentic AI tools for intelligent decisioning, policy enforcement, and autonomous identity lifecycle operations
- Develop and implement automated provisioning/deprovisioning workflows
- Ensure integration of IAM with cloud platforms (Azure, AWS, GCP) and SaaS applications
- Mentor and develop the skills of senior security engineers, fostering a culture of continuous improvement and innovation
Requirements:
- Bachelor's degree in Computer Science, Cybersecurity, or a related discipline; Master's degree is highly preferred
- Minimum of 10 years in security engineering, with significant expertise in Identity and Access Management (IAM)
- Demonstrated success in leading large-scale IAM initiatives and formulating security strategies for complex organizations
- Design and hands-on engineering across IAM: Identity Providers (such as Microsoft Entra ID, Okta, Ping, ForgeRock), Identity Governance & Administration (SailPoint, Saviynt), Privileged Access Management (CyberArk, Delinea, HashiCorp Vault), and Customer IAM (Auth0, PingOne—preferred)
- Deep understanding of federation protocols (SAML, OAuth2.0, OIDC), SCIM, and RESTful APIs
- Hands-on experience with Active Directory, LDAP, and cloud IAM solutions (Azure, AWS, GCP)
- Solid foundation in Zero Trust architecture and contemporary security standards
- Proficient in scripting and automation using PowerShell, Python, Java, or RESTful APIs
- Recognized industry certifications such as CISSP, CCSP, AWS Certified Security – Specialty, or equivalent credentials
- Exceptional leadership and communication abilities, capable of influencing executive decision-makers and directing cross-functional teams