Senior Specialist, Lead Zero Trust Identity Security Engineering

The Vanguard Group


Job Location:

Dallas, IA - USA

Monthly Salary: Not Disclosed
Posted on: 30+ days ago
Vacancies: 1 Vacancy

Job Summary

Key Responsibilities

Identity Platform Engineering & Leadership

  • Serve as technical lead for workforce identity platforms with Okta as the primary IdP and integrations to complementary platforms (e.g. Ping/Entra Identity).

  • Own end-to-end identity architecture, including authentication flows, federation, directory integrations, and token issuance.

  • Lead design reviews and decisions for IdP resiliency, failover, and supplier-risk mitigation strategies.

  • Document existing and new architecture and act as a hands-on engineer while also setting technical direction, patterns, and standards.

  • Strong communication, influence, and stakeholder-management skills, with the ability to distill complex identity and security architectures into clear and concise messaging.

Standards-Based Identity & Federation

  • Design and troubleshoot identity flows using OAuth 2.0 / OIDC, SAML 2.0, SCIM, JWT / token-based auth.

  • Ensure token parity, claim consistency, and issuer abstraction across identity providers to minimize application impact.

  • Partner with application teams to enable modern authentication without app re-architecture.

Directory & Identity Data Architecture

  • Engineer and maintain directory integrations across Active Directory, Okta UD, and cloud directories (e.g. Ping Directory).

  • Design attribute models, lifecycle management, and group strategies at enterprise scale (thousands of groups, large population sizes).

  • Support directory deployments in cloud-native environments (AWS/GCP, containers, Kubernetes).

Cloud Automation & Reliability

  • Build and operate identity infrastructure in AWS/GCP/Azure using: Infrastructure & Policy as Code (Terraform / CloudFormation); Kubernetes & containerized identity services.

  • Automate provisioning, deployment, monitoring, and drift detection for identity platforms.

  • Support SRE-style operational maturity: SLIs/SLOs, alerting, incident response, and runbooks for identity services.

Security, Risk & Compliance

  • Design identity controls aligned to Zero Trust principles and enterprise security policies.

  • Partner with CSOC, audit, and risk teams on: control validation; incident response; regulatory and audit requirements (SOX, SOC, internal controls).

  • Contribute to risk assessments related to supplier dependency, SPOFs, and identity outages.

Collaboration & Influence

  • Work closely with security architecture, infrastructure, application engineering, IAM operations, and vendors.

  • Influence roadmap decisions through clear technical reasoning and executive-ready communication.

  • Mentor senior and mid-level engineers and raise overall identity engineering maturity.

Qualifications

  • Undergraduate degree in a related field or the equivalent combination of training and experience.

  • 12 years of experience in Identity & Access Management engineering.

  • Skilled in using DevOps tools and experienced in Policy as Code.

  • Deep hands-on expertise with Okta (Workforce Identity, MFA, SSO, policies, lifecycle).

  • Strong working knowledge of Ping Identity products (PingFederate, PingOne, Ping Directory) or equivalent platforms.

  • Expert understanding of identity standards: OAuth 2.0, OIDC, SAML, Federation, and token-based security.

  • Proven experience with directory services & LDAP (AD, cloud directories).

  • Experience building identity platforms in AWS/GCP including containerized/Kubernetes deployments.

  • Strong troubleshooting skills for complex authentication and federation failures.

  • Ability to operate in high-visibility, high-impact environments.

Special Factors

Sponsorship

Vanguard is offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission; we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.


Required Experience:

Senior IC

About Company

Search the latest roles and opportunities at Vanguard. Apply today to join our industry-leading crew.