Principal Identity Security Engineer - Hybrid (3 Days onsite in

Post Date: Mar 11, 2025

Location: Santa Ana, California

ZIP/Postal Code: 92707

Job Type: Perm

Category: Security Engineering

OCC: 767925

Pay Rate: $180k - $210k (estimate)

A Fortune 500 client is seeking a Principal Identity Security Engineer to join their growing Information Security team. This role spearheads security engineering for Microsoft and Identity Management platforms, including cloud services. As a key player in delivering strategic identity and access management (IAM) solutions, you will enhance the security posture of the enterprise and its global partners. You will be responsible for designing, implementing, and managing Microsoft solutions, including Workforce Identity and B2B, ensuring robust IAM services throughout the organization. This is a direct hire position reporting onsite 3 days per week (Monday, Tuesday, Thursday) in Orange County, CA.

1. Lead technical engineering discussions to drive innovation and ensure secure deployment in the cloud and other platforms.
2. Collaborate with Operations, Governance, and Engineering teams to develop, deploy, and optimize secure access management services.
3. Drive innovation, establish best practices, and influence the future architecture of identity security while being hands-on in solution development.
4. Recommend integration strategies, engineering solutions, and application infrastructure to optimize product effectiveness.
5. Build trusted advisory relationships with strategic customers and engage with senior management to identify priorities and design strategies.
6. Conduct market research on best-of-breed technologies and lead the development of proof-of-concepts.
7. Engage with business partners to identify opportunities and leverage technology to solve complex issues.
8. Design and enhance technical architecture patterns and frameworks for enterprise-wide use.
9. Collaborate with stakeholders to understand and communicate system requirements and nonfunctional requirements.
10. Mentor and train team members within and outside the work group, while providing technical consulting on complex projects.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.

1. 10+ years of related experience, including 5+ years in enterprise-level security engineering.
2. Extensive experience with Microsoft Entra ID, Active Directory, Azure, AWS, OCI, GCP Cloud, and modern authentication protocols (SAML, OAuth2).
3. Identity security expertise within AWS is a non-negotiable requirement.
4. Expertise in IAM lifecycle management, provisioning, SSO, MFA, and RBAC.
5. Proficient in cloud security configurations, multi-tiered IAM integrations, and designing identity-based security models for cloud platforms.
6. Ability to convey technical concepts to non-technical personnel; strong presentation and organizational skills.
7. Devises solutions for complex problems, performs program design, coding, testing, debugging, and documentation.
8. Responsible for quality assurance review of architectural objectives and full technical knowledge of cloud identity relationships.
9. Identifies problems, researches best practices, drives solutions, and implements customized solutions; acts independently and influences broad business communities.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.