Lead Cloud Identity Engineer
Listed on 2026-06-12
IT/Tech
Cybersecurity, Systems Engineer, Cloud Computing: Infrastructure & Operations
Overview
Your Job:
We have an exciting opportunity to hire a Lead Cloud Identity Engineer to join our already skilled engineering team. This individual will be a part of a global team that manages authentication and identity tools and procedures for Koch Industries. Working closely with global colleagues, as well as customers, will provide significant global exposure.
Location:
This role requires an in-office presence, with flexibility, in Wichita, KS / Atlanta, GA / or Plano, TX. This role is not eligible for visa sponsorship.
- Set IAM architecture & standards: Define reusable patterns for SSO/federation, authorization models, privileged access, and workload/machine identity.
- Lead design governance: Run identity design reviews for new applications and major platform changes; approve patterns, manage exceptions, and drive adoption.
- Build authentication & federation: Design and implement SAML2, OAuth2/OIDC, WS-Fed, and FIDO2/passkeys, including adaptive/risk-based auth, conditional access, and MFA.
- Engineer IAM platforms: Operate and enhance enterprise identity services (PingOne / PingOne DaVinci or equivalent orchestration platforms).
- Lead developer for IAM platforms: Serve as lead developer driving hands-on code development to build, extend, and maintain new and existing identity platforms, including custom connectors, APIs, and orchestration flows.
- Design authorization & governance: Build scalable RBAC/ABAC/PBAC models, entitlement catalogs, role engineering, and access request workflows (IGA).
- Automate identity lifecycle: Lead and design end-to-end JML automation integrating HRIS, ITSM, directories, and apps via SCIM and event-driven pipelines.
- Identity as Code: Manage identity configuration/policy using Terraform and CI/CD with testing, version control, and deployment discipline.
- Zero Trust & Detection: Implement least privilege and continuous verification; integrate ITDR-style monitoring, logging, alerting, SLOs, and rapid revocation.
- Incident leadership: Act as escalation for auth outages, federation issues, and credential compromise; lead RCA and post-incident hardening.
- Influence & mentoring: Partner globally with architects, developers, and security; coach engineers through reviews, playbooks, and training.
- Extensive experience owning identity platforms at scale, with deep protocol-level expertise across SAML, OAuth2/OIDC, SCIM, FIDO2/passkeys, LDAP, and Kerberos.
- Hands-on architecture across Azure Entra, AWS IAM, or Google Cloud Identity, including cross-cloud federation and hybrid identity patterns.
- Practical experience designing and building infrastructure across Azure, AWS, or GCP.
- Strong coding skills in Python and/or TypeScript, with API integrations, Git, CI/CD, and automated testing. Delivery of identity configuration as versioned, testable code using Terraform or similar technologies.
- Hands-on experience integrating diverse applications with enterprise governance platforms; design and delivery of JML automation, RBAC/ABAC/PBAC models and access workflows integrating HRIS → IAM → downstream apps via SCIM and event-driven pipelines.
- Experience building multi-step user journeys for Workforce, CIAM, and partner ecosystems using platforms such as PingOne DaVinci or Okta Workflows.
- Hands-on development and design experience with SailPoint IdentityNow/IdentityIQ (or equivalent).
- Real-time detection and response to identity-based threats, integrating signals from IdPs, directories, and SIEM/SOAR platforms.
At Koch companies, we are entrepreneurs. This means we openly challenge the status quo, find new ways to create value and get rewarded for our individual contributions. Any compensation range provided for a role is an estimate determined by available market data. The actual amount may be higher or lower than the range provided considering each candidate's knowledge, skills, abilities, and geographic location.
If you have questions, please speak to your recruiter about the flexibility and detail of our compensation philosophy.
All Koch companies value diversity of thought, perspectives,…