×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Principal Security Engineer Identity & Access Management

Remote / Online - Candidates ideally in
Seattle, King County, Washington, 98101, USA
Listing for: Cambium Learning Group
Remote/Work from Home position
Listed on 2026-06-04
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly USD 100000.00 125000.00 YEAR
Job Description & How to Apply Below

Job Overview

The Principal Security Engineer, you will be the principal technical leader defining how users interact with our platforms. You will architect scalable solutions to manage the identity lifecycle for a diverse user base (Employees, contingent workers, and customers) across our on premise and SaaS applications. Your goal is to architect standards for a secure, frictionless experience—such as Single Sign-On (SSO), passwordless, API authentication—while adhering to strict data privacy regulations (FERPA, GDPR, COPPA).

Responsibilities
  • Identity Strategy & Architecture:
    Architect and maintain the target-state architecture for internal workforce identity and help redesign customer-facing (CIAM) as appropriate.
  • Secure Access & Authentication:
    Architect secure, modern authentication protocols (SAML, OAuth2, OIDC, FIDO2) and fortify phishing-resistant MFA.
  • Identity Lifecycle Automation:
    Collaborate with IAM team to design automated provisioning, maintenance, and deprovisioning processes (SCIM) to handle high-volume user onboarding/offboarding.
  • Integration:
    Drive the integration of our privileged identity platform with brand Active Directories, Cloud and on-prem based platforms, and third-party applications such as Sales Force and Workday, as well as the architecture of an API gateway.
  • Governance & Compliance:
    Define RBAC (Role-Based Access Control) and ABAC (Attribute-Based Access Control) models to ensure compliance with student data privacy laws (e.g., FERPA, GDPR).
  • Mentorship:
    Act as a subject matter expert and mentor engineers on identity-first security best practices.
Requirements
  • Experience:

    7+ years in IT/Security, with at least 4+ years focusing on Identity and Access Management (IAM) architecture.
  • Platform Expertise:
    Deep hands‑on experience with modern IDP & PAM solutions (e.g., Okta, Ping Identity, Microsoft Entra /Azure AD, Cyber Ark, Beyond Trust, etc.).
  • Technical

    Skills:

    Proficiency in directory services (LDAP, AD) and scripting languages (Power Shell, Python) for automation.
  • Protocol Knowledge:
    Exceptional understanding of TLS, SSO, Federation, SAML, OAuth2, and OIDC protocols.
  • Education:

    Bachelor’s degree in Computer Science, Information Technology, or equivalent experience.
Preferred Qualifications
  • Compliance:
    Familiarity with student data privacy regulations (FERPA, COPPA).
  • Zero Trust:
    Experience implementing Zero Trust architecture principals.
Certifications
  • CAIM, CAMS, CISSP, CISM, or vendor‑specific certifications (e.g., Okta Certified Architect).
Remote Work

Remote First approach gives employees the flexibility and trust they need to effectively balance work with life. It allows us to work collaboratively, inclusively and for greater positive impact, regardless of our individual locations. If you will be working remotely, either occasionally or on a permanent basis, you must have a reliable internet connection through a cable or fiber‑optic broadband service with minimum speeds of 10

Mbps download and 5

Mbps upload. The successful candidate will be expected to actively participate in video‑based interviews during the recruiting process and ongoing virtual meetings with their camera on, as part of their role. To maintain confidentiality and ensure a fair evaluation process, the use of note‑taking tools, reference materials, or AI‑powered tools (including generative AI, language models, or similar technologies) during interviews or other selection activities is prohibited unless prior written approval has been obtained from the People Experience team.

If you require an exception for medical, accessibility, or other reasons, please contact your Talent Acquisition team member to discuss accommodations in advance. As part of our Remote‑First benefits, we offer reimbursement to help cover the cost of setting up your home or remote office.

Equal Opportunity Employer

We are dedicated to fostering a culture that celebrates unique backgrounds, ideas, and experiences. All qualified applicants will receive consideration for employment without discrimination on the basis of race, color, age, religion, sex (including pregnancy, gender, gender identity/expression, or sexual orientation), national origin, protected veteran status, disability, or genetic information (including family medical history). We will provide reasonable accommodations for qualified individuals with disabilities.

You may request an accommodation during the recruiting process with your Talent Acquisition team member.

#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search