Principal Authentication Engineer (IAM) — Vice President jobs in United States

Morgan Stanley · 2 months ago

Principal Authentication Engineer (IAM) — Vice President

Morgan Stanley is a global leader in financial services, always evolving and innovating to better serve clients. They are seeking a Principal Authentication Engineer to design, integrate, and operate authentication solutions at scale, ensuring secure access across hybrid environments.

Asset Management, Finance, Financial Services, Lending
H1B Sponsor Likely

Responsibilities

Lead Hands-On Authentication Engineering: design, build, integrate, and ship secure, scalable solutions for human and non-human identities (bots, service accounts, applications, agentic systems)
Own Enterprise Authentication & Federation: implement and harden OIDC/OAuth2, SAML, SSO, FIDO2/WebAuthn, PKI (mTLS, cert lifecycle), API auth, and Unix/Linux authentication
Integrate and Customize IAM Platforms: deliver end-to-end integrations across Entra ID, Ping Identity, SailPoint, CyberArk, HashiCorp Vault, HSMs, IDM/LDAP, and RCBI in cloud and hybrid environments
Drive Reliability and Automation at Scale: operate and evolve large-scale IAM estates with HA/DR, performance tuning, IaC (Terraform), config management (Ansible/Puppet/Chef), CI/CD, observability, and safe deployment strategies
Harden and Govern Identity Controls: define and enforce policies for identity lifecycle, authentication, authorization, PAM, and secrets management for human and non-human identities
Assess and Uplift Existing Solutions: identify risks and technical debt, deliver remediation plans, and implement secure-by-default patterns with measurable outcomes
Translate Architecture into Executable Work: break down complex designs into clear epics, stories, runbooks, and pipelines; produce ADRs, standards, and audit-ready documentation to align engineers, SREs, POs, and QA
Partner and Operate Across Teams: collaborate with product/platform leads to scale adoption; participate in on-call, lead RCAs, and drive operational excellence

Qualification

OIDC/OAuth2, SAML, SSO, PKI, IAM platforms, HashiCorp Vault, CyberArk, SailPoint, Terraform, Ansible, Shell scripting, Python, Go, Team communication, Documentation

Required

Hands-On Principal Engineer (not architect-only): design and implement—comfortable coding, configuring, integrating products, and shipping production outcomes
Deep authentication expertise: OIDC/OAuth2, SAML, SSO, FIDO2/WebAuthn, PKI (CA/RA, mTLS, cert lifecycle), API auth (JWT/mTLS), and Unix/Linux authentication at enterprise scale
IAM platforms & integration mastery: experience with HashiCorp Vault, HSMs, CyberArk, SailPoint, Entra ID, Ping Identity, IDM/LDAP, and RCBI—covering policy design, integration, automation, and migrations
Resiliency and Automation at Scale: proven experience operating IAM/auth services across large, globally distributed environments with multi-region HA/DR, performance tuning, IaC (Terraform), config management (Ansible/Puppet/Chef), CI/CD, observability; strong Shell plus Python/Go
Security & compliance acumen: threat modeling, least privilege, PAM, secrets management, policy-as-code, and auditability for human and non-human identities (including agentic systems)
Systems integrator mindset: ability to customize and stitch vendor products and open standards into cohesive, well-documented solutions and APIs
Team enablement & communication: skill in decomposing solutions into clear epics/stories, authoring ADRs/runbooks/standards, conducting reviews, coaching engineers/SREs, and producing clear written documentation to influence stakeholders in an agile squad model
Enterprise & industry savvy: experience navigating large-institution environments; influencing roadmaps; driving adoption of controls and best practices; typically 10+ years in IAM engineering within complex, global settings

Benefits

Commission earnings
Incentive compensation
Discretionary bonuses
Other short and long-term incentive packages
Other Morgan Stanley sponsored benefit programs

Company

Morgan Stanley

Morgan Stanley is a financial services company that offers securities, asset management, and credit services.

H1B Sponsorship

Morgan Stanley has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is provided below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (222)
2024 (195)
2023 (173)
2022 (153)
2021 (165)
2020 (173)

Funding

Current Stage: Public Company
Total Funding: unknown
1997-02-05: IPO

Leadership Team

James Gorman
Chairman and CEO
Ted Pick
Chief Executive Officer (CEO)
Company data provided by Crunchbase