Sony Pictures Entertainment
Lead Engineer, Identity Management
Sony Pictures Entertainment, Culver City, California, United States, 90232
Lead Engineer, Identity Manage
The Lead Engineer, Identity Manage is responsible for the design, engineering, and operational excellence of Sony Pictures Entertainment’s (SPE) enterprise Identity and Access Management (IAM) ecosystem, with a primary focus on Okta Identity Governance, Identity Lifecycle Management, Security Operations, and Identity Compliance initiatives.
This role leads the end‑to‑end engineering, configuration, and maintenance of SPE’s Identity Governance and Administration (IGA) platform, ensuring secure, compliant, and efficient management of digital identities across all user populations. The position requires deep expertise in Okta and its governance, access, and lifecycle capabilities, as well as the ability to define and enforce identity standards and policies that align with enterprise security and compliance objectives.
This role will provide ongoing support, request fulfillment of the SPE’s IAM platform services, and escalation support to internal application teams and IAM team members. It also focuses on analyzing emerging authentication technologies to design and implement secure, intuitive, scalable, and reliable Access Management solutions that support SPE’s internal and external users.
Core Responsibilities
Lead the design, implementation, and operations of the Okta IGA platform, including lifecycle management (Joiner–Mover–Leaver), access governance, and compliance controls. Partner with business and security stakeholders to develop and enforce identity governance policies, ensuring adherence to corporate, regulatory, and audit requirements. Oversee access certification campaigns, entitlement reviews, and identity attestation processes to maintain least‑privilege access and compliance posture. Develop detailed architecture, standards, design, and implementation documentation. Manage directory services, including user provisioning, synchronization, and role‑based access control (RBAC) models. Participate in or lead troubleshooting and incident resolution of complex high severity incidents. Plan and manage project tasks, schedules, and resources related to Identity Access Management services. Provide technical expertise to application teams in Identity Access Management and governance, covering SSO, MFA, Identity Federation, Lifecycle Management, enterprise directory architecture, and resource provisioning. Extend the use of SPE’s enterprise IAM solutions via the Okta platform in collaboration with internal and external support teams. Identify and evaluate complex business and technology risks, internal controls, and related improvement opportunities. Install, integrate, and deploy identity management solutions. Communicate technical and functional aspects of IAM products and implementations to internal users and external partners. Continue enhancements to the ongoing IAM program. Support audit findings, compliance adherence, and organizational change initiatives. Resolve Okta system issues escalated within the service level agreement. Qualifications
Bachelor’s degree or equivalent applied experience. 8+ years of experience as an Identity Engineer/Architect or similar role. 8+ years of direct experience building and engineering large‑scale enterprise IAM solutions. 6+ years of experience implementing IAM solutions. 5+ years of software development experience (web applications) in an agile SaaS environment. Proven experience designing and managing Okta Identity Governance and Administration or equivalent IGA platforms. Strong understanding of identity lifecycle automation, access governance, and compliance frameworks such as SOX. Hands‑on expertise with Okta Workflows for automating identity processes and integrations. Experience integrating Workday (or other HR systems) as a source of truth for identity lifecycle management. Experience in security best practices such as least privilege, Privileged Access Management, passwordless authentication, etc. Expertise in SSO, MFA, Federation, and directory integration (Active Directory, LDAP, SCIM‑based provisioning). Hands‑on experience with scripting and automation (PowerShell, Python, or REST APIs) for identity orchestration. Knowledge of emerging authentication technologies and protocols. Okta certified professional a plus. Critical thinking, strategic planning, and process management skills. Excellent written and verbal communication skills. Excellent presentation and group dynamics skills. Proven excellence in client/partner relationship management with senior IT leaders. Proactive at finding solutions to complex problems. Anticipated base salary: $138,000–$167,000. Additional annual incentive and comprehensive benefits may apply. The actual base salary offered will depend on qualifications, experience, education, certifications, and location. Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. SPE will consider qualified applicants with arrest or conviction records in accordance with applicable law. To request an accommodation for participating in the hiring process, contact SPE_Accommodation_Assistance@spe.sony.com.
#J-18808-Ljbffr
Lead the design, implementation, and operations of the Okta IGA platform, including lifecycle management (Joiner–Mover–Leaver), access governance, and compliance controls. Partner with business and security stakeholders to develop and enforce identity governance policies, ensuring adherence to corporate, regulatory, and audit requirements. Oversee access certification campaigns, entitlement reviews, and identity attestation processes to maintain least‑privilege access and compliance posture. Develop detailed architecture, standards, design, and implementation documentation. Manage directory services, including user provisioning, synchronization, and role‑based access control (RBAC) models. Participate in or lead troubleshooting and incident resolution of complex high severity incidents. Plan and manage project tasks, schedules, and resources related to Identity Access Management services. Provide technical expertise to application teams in Identity Access Management and governance, covering SSO, MFA, Identity Federation, Lifecycle Management, enterprise directory architecture, and resource provisioning. Extend the use of SPE’s enterprise IAM solutions via the Okta platform in collaboration with internal and external support teams. Identify and evaluate complex business and technology risks, internal controls, and related improvement opportunities. Install, integrate, and deploy identity management solutions. Communicate technical and functional aspects of IAM products and implementations to internal users and external partners. Continue enhancements to the ongoing IAM program. Support audit findings, compliance adherence, and organizational change initiatives. Resolve Okta system issues escalated within the service level agreement. Qualifications
Bachelor’s degree or equivalent applied experience. 8+ years of experience as an Identity Engineer/Architect or similar role. 8+ years of direct experience building and engineering large‑scale enterprise IAM solutions. 6+ years of experience implementing IAM solutions. 5+ years of software development experience (web applications) in an agile SaaS environment. Proven experience designing and managing Okta Identity Governance and Administration or equivalent IGA platforms. Strong understanding of identity lifecycle automation, access governance, and compliance frameworks such as SOX. Hands‑on expertise with Okta Workflows for automating identity processes and integrations. Experience integrating Workday (or other HR systems) as a source of truth for identity lifecycle management. Experience in security best practices such as least privilege, Privileged Access Management, passwordless authentication, etc. Expertise in SSO, MFA, Federation, and directory integration (Active Directory, LDAP, SCIM‑based provisioning). Hands‑on experience with scripting and automation (PowerShell, Python, or REST APIs) for identity orchestration. Knowledge of emerging authentication technologies and protocols. Okta certified professional a plus. Critical thinking, strategic planning, and process management skills. Excellent written and verbal communication skills. Excellent presentation and group dynamics skills. Proven excellence in client/partner relationship management with senior IT leaders. Proactive at finding solutions to complex problems. Anticipated base salary: $138,000–$167,000. Additional annual incentive and comprehensive benefits may apply. The actual base salary offered will depend on qualifications, experience, education, certifications, and location. Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics. SPE will consider qualified applicants with arrest or conviction records in accordance with applicable law. To request an accommodation for participating in the hiring process, contact SPE_Accommodation_Assistance@spe.sony.com.
#J-18808-Ljbffr