Senior Identity & Security Engineer (VP)

TWG Global

  • Santa Monica, CA
  • Permanent
  • Full-time
  • 17 days ago
  • Apply easily
At TWG Group Holdings, LLC (“TWG Global”), we drive innovation and business transformation across a range of industries—including financial services, insurance, technology, media, and sports—by leveraging data and AI as core assets. Our AI-first, cloud-native approach delivers real-time intelligence and interactive business applications, empowering informed decision-making for both customers and employees.We prioritize responsible data and AI practices, ensuring ethical standards and regulatory compliance. Our decentralized structure enables each business unit to operate autonomously, supported by a central AI Solutions Group, while strategic partnerships with leading data and AI vendors fuel game-changing efforts in marketing, operations, and product development.You will collaborate with management to advance our data and analytics transformation, enhance productivity, and enable agile, data-driven decisions. By leveraging relationships with top tech startups and universities, you will help create competitive advantages and drive enterprise innovation.At TWG Global, your contributions will support our goal of sustained growth and superior returns, as we deliver rare value and impact across our businesses.The RoleWe’re looking for a hands-on Senior Identity & Security Engineer (VP) to design, implement, and maintain secure, scalable identity and access management solutions for our growing enterprise and customer environments. You’ll work closely with internal teams and customers to design and implement secure identity architectures, commercialize upcoming environments, and drive adoption of advanced security practices like RBAC, ABAC, and Zero Trust.This role requires expertise with Okta, modern identity frameworks, and cloud security architecture, plus the ability to partner directly with customers and internal stakeholders to deliver secure, reliable, and user-friendly access solutions.What you'll do:
  • Design and deploy identity platforms leveraging Okta and Entra ID (Azure AD), integrating adaptive authentication, automated lifecycle workflows, and advanced access policies.
  • Build and maintain granular RBAC and ABAC policies to enforce least-privilege access and enable Shift Left identity security practices.
  • Support the commercialization of new customer-facing identity environments.
  • Design secure, segmented network architectures (VPCs/VNets, subnets, security groups) to limit lateral movement and align with Zero Trust principles.
  • Integrate security controls into Infrastructure as Code (Terraform) to ensure secure-by-default deployments.
  • Implement secure application access via federation protocols (SAML, OAuth, OpenID Connect), MFA, and conditional access.
  • Serve as the primary identity security liaison with customers, ensuring environments meet security, compliance, and usability needs.
  • Collaborate with engineering, IT, and product teams to integrate identity solutions seamlessly into applications and services.
  • Lead access governance initiatives, including automated access reviews and segregation of duties.
  • Automate provisioning, deprovisioning, and access management workflows to improve efficiency and reduce risk.
  • Establish and maintain reusable Terraform modules for secure, scalable infrastructure.
  • Drive continuous improvement by embedding security requirements into CI/CD pipelines.
Requirements
  • 5+ years of experience designing and implementing identity platforms with Okta and Azure AD/Entra ID.
  • Strong background in RBAC/ABAC policy development, Zero Trust architecture, and cloud security best practices.
  • Hands-on experience with Infrastructure as Code (Terraform) and automated security workflows.
  • Knowledge of federation protocols (SAML, OAuth, OpenID Connect) and integrating identity into third-party services.
  • Ability to communicate complex technical concepts to both technical and non-technical stakeholders, including customers.
  • Experience with network segmentation, secure connectivity, and cloud-native networking (AWS, Azure, GCP).
  • Familiarity with threat modeling frameworks (STRIDE, MITRE ATT&CK) and Shift Left security principles.
  • Strong problem-solving skills and the ability to work independently in a fast-paced environment.
BenefitsThis is an onsite position located at our offices in New York, NY or Santa Monica, CA.The expected base pay for this position is $200,000-$285,000. A discretionary bonus will be provided as part of the compensation package, in addition to a full range of medical, financial, and/or other benefits.TWG is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

TWG Global