Apply on Employer Site

New York Life Insurance Company · 19 hours ago

Corporate Vice President: IAM & AI Security Engineer

New York, United States

Full-time

Hybrid

Senior Level, Lead/Staff

$144K/yr - $206K/yr

10+ years exp

New York Life Insurance Company is seeking a Corporate Vice President: IAM & AI Security Engineer to contribute to their digital landscape. The role involves designing and modernizing IAM capabilities, focusing on integrating AI and security measures across various platforms.

FinanceFinancial ServicesInsurance

H1B Sponsor Likely

Responsibilities

Design and implement identity, authentication, and authorization solutions for AI-enabled and agentic systems, treating AI agents as first-class non-human identities

Define and enforce lifecycle management, access controls, and revocation for autonomous agents, machine identities, and service accounts

Implement delegated and “on-behalf-of” authorization patterns to clearly distinguish human-initiated actions from agent-initiated actions for audit and compliance

Apply least-privilege and scope-limiting controls to prevent privilege escalation in automated and multi-agent workflows

Design, engineer, and support enterprise IAM solutions across Identity Governance & Administration (IGA), Privileged Access Management (PAM), Web Access Management (WAM), and Directory Services

Lead identity lifecycle processes, including provisioning, access governance, certifications, and de-provisioning for human and non-human identities

Engineer and support privileged access capabilities, including just-in-time access, credential vaulting, and session management

Design and integrate directory and federation services, including Active Directory, Entra/Azure AD, LDAP, SAML, and OpenID Connect (OIDC)

Apply security architecture principles and IAM design patterns to deliver scalable, resilient, and compliant identity solutions

Integrate IAM capabilities across hybrid and cloud environments, with strong hands-on experience in AWS and GCP

Implement and support modern authentication and authorization frameworks, including OAuth 2.0, MFA, and passwordless authentication

Partner with Cybersecurity Architecture, Cloud, and Application teams to ensure IAM solutions meet security, risk, and regulatory requirements

Troubleshoot and resolve complex IAM-related authentication, authorization, and integration issues

Integrate IAM controls into AI/ML pipelines and automation frameworks, enabling real-time authorization, logging, and monitoring of agent activity

Collaborate with AI platform and infrastructure teams to support identity-aware enforcement of execution boundaries and access controls

Serve as a senior technical contributor within the IAM function, providing design guidance and technical mentoring

Contribute to the development of IAM and AI identity standards, reference architectures, and reusable engineering patterns

Evaluate emerging identity, cloud, and AI security technologies to inform platform enhancements and engineering roadmap decisions

Engineer IAM controls to mitigate AI-driven risks, including synthetic identities, AI-enabled credential abuse, deepfake impersonation, and adaptive MFA bypass techniques

Design and integrate AI/ML-driven solutions for anomaly detection, risk scoring, intelligent access governance, and adaptive authentication

Build and enforce lifecycle governance for service accounts, APIs, bots, and autonomous AI agents using just-in-time access and least-privilege principles

Treat AI models and agents as privileged entities and implement role-based and attribute-based authorization for model access, training, and invocation

Develop automation (e.g., Python, PowerShell, Java) to integrate IAM with AI platforms, security orchestration, and operational workflows

Qualification

IAM engineeringAI security architectureCloud environmentsIdentity Governance & AdministrationPrivileged Access ManagementWeb Access ManagementDirectory ServicesOAuth 2.0MFAPythonAWSGCPSecurity architecture principlesProblem-solving skillsTeam collaborationTechnical mentoring

Required

Bachelor's degree in Computer Science, Information Systems, Engineering, or equivalent practical experience

10+ years of hands-on experience in identity, access management, and security engineering, including 7+ years operating across multiple IAM domains such as Identity Governance & Administration (IGA), Privileged Access Management (PAM), Web Access Management (WAM), and Directory Services

Experience securing and integrating agentic and AI platforms (e.g., AWS Bedrock, LangChain-based or similar frameworks), applying security-first patterns such as prompt injection mitigation, secure authentication (OAuth2/OIDC), and execution isolation

Working knowledge of multi-agent orchestration, retrieval-augmented generation (RAG) architectures, vector databases, and MCP integrations, with emphasis on identity, access control, and governance

Demonstrated experience designing and implementing IAM solutions using security architecture principles and established design patterns in large, complex environments

2–3+ years of hands-on experience securing or integrating AI/ML or agentic systems, including applying identity, authentication, and authorization controls to AI-enabled or highly automated workflows

Proven experience managing non-human identities, including service accounts, APIs, workloads, and automated agents, using least-privilege and lifecycle governance principles

Strong experience with cloud identity and access management, with hands-on expertise in AWS and GCP

Deep understanding of identity and access protocols and standards, including OAuth 2.0, OpenID Connect (OIDC), SAML, LDAP, and modern token-based authorization models

Experience implementing and supporting modern authentication mechanisms, including MFA and passwordless authentication

Strong scripting and automation skills (e.g., Python, PowerShell, Java) to integrate IAM platforms with cloud, AI, and security tooling

Solid understanding of security, risk, and compliance requirements applicable to IAM in regulated environments

Ability to work effectively in a team-oriented, collaborative environment, with strong problem-solving skills

Preferred

Experience integrating IAM controls into AI/ML platforms, pipelines, or agent orchestration frameworks

Familiarity with machine and workload identity standards and tooling (e.g., SPIFFE, workload identity federation, secrets management)

Exposure to policy-as-code and fine-grained authorization models (e.g., OPA, Cedar, attribute-based access control)

Experience supporting Zero Trust architectures and cloud-native security patterns

Prior experience in a large enterprise or financial services environment

Relevant IAM or security certifications (e.g., SailPoint, CyberArk, Ping Identity, cloud security certifications)

Benefits

Leave programs

Adoption assistance

Student loan repayment programs

Company

New York Life Insurance Company

For over 180 years, we’ve helped turn your biggest dreams into milestones that last a lifetime.

Founded in 1845

New York, New York, USA

10001+ employees

https://www.newyorklife.com/

H1B Sponsorship

New York Life Insurance Company has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (149)

2024 (99)

2023 (85)

2022 (77)

2021 (48)

2020 (65)