Director, IAM Engineering

This is a fully remote position, open to applicants in California, +4 more states.

📋 Description

• Establish the engineering strategy, architecture, and roadmap for Autodesk’s IAM platforms encompassing workforce, non-human, and agentic identity.

• Direct engineering teams responsible for IAM platforms, APIs, automation services, and identity integrations.

• Supervise engineering efforts for SailPoint, Microsoft Entra, Okta, SSO, MFA, app onboarding, directory services, identity verification, and privileged access integrations.

• Create secure, scalable, and reusable identity frameworks for internal teams.

• Own engineering standards for non-human identities, including service accounts, workload identities, API identities, automation accounts, and federated machine identities.

• Define secure practices for agentic and on behalf of identity, including OBO flows, delegated access, scoped tokens, constrained execution, and least privilege controls.

• Promote the use of short-lived credentials, federation, secret reduction, lifecycle controls, and enhanced ownership for non-human and agentic identities.

• Ensure that engineering designs comply with least privilege, privileged access, separation of duties, logging, and traceability requirements.

• Collaborate with IAM Security and Trust on RBAC, ABAC, PIM, PAM integrations, auditability, and identity risk mitigation.

• Lead and develop a high-performing IAM Engineering organization with a focus on technical ownership, delivery standards, and production readiness.

• Foster the effective and secure use of AI-assisted engineering tools to enhance delivery, documentation, and operational efficiency.

⛳️ Requirements

• Over 10 years of experience in IAM, security engineering, platform engineering, or related enterprise identity fields.

• At least 5 years of experience leading engineering teams responsible for IAM platforms, identity services, or security infrastructure at an enterprise level.

• Extensive experience with SailPoint, Microsoft Entra, and Okta.

• In-depth knowledge of OAuth2, OIDC, SAML, JWT, token exchange, OBO flows, federation, and contemporary workload identity patterns.

• Proven experience in designing identity architectures involving SSO, MFA, provisioning, lifecycle automation, directory services, access governance, and app onboarding.

• Experience in securing and engineering non-human identities across cloud, CI/CD, platform, and runtime environments.

• Familiarity with defining secure practices for agentic identity and software acting on behalf of users or services.

• Solid engineering fundamentals across APIs, automation, distributed systems, CI/CD, observability, and secure platform delivery.

• Experience with privileged access, admin tiering, just-in-time access, and stringent production control boundaries.

• Background in regulated environments, including FedRAMP, public sector, or similarly controlled settings.

🏝️ Benefits

• Health and financial benefits.

• Time off and wellness initiatives.