[Remote] Corporate Vice President - Access Management & Authentication Engineer Job Details | New York Life Insurance Co

Remote Full-time
Note: The job is a remote job and is open to candidates in USA. New York Life is a Fortune 100 mutual company committed to integrity and innovation, evolving into a technology-driven organization. They are seeking a Corporate Vice President - Access Management & Authentication Engineer to lead the design and governance of enterprise-wide authentication and access management capabilities, ensuring strong security and compliance across various environments.ResponsibilitiesLead the design, engineering, and evolution of enterprise web access management (WAM) and authentication platforms supporting workforce and application accessArchitect and expand single sign-on (SSO) and federation services using industry-standard identity and authorization protocolsDefine and implement modern authentication strategies, including passwordless, phishing-resistant, and strong customer authentication approachesDesign and govern multi-factor authentication (MFA) frameworks, including adaptive, risk-based, and step-up authentication modelsEngineer secure session management and token lifecycle controls, ensuring appropriate re-authentication, session integrity, and privilege enforcementDesign and integrate API authorization and access control patterns, aligning OAuth-based authorization with API gateways and platform servicesApply public key infrastructure (PKI) and cryptographic trust models to authentication, federation, and service-to-service accessEstablish reusable authentication and access management patterns, guardrails, and reference architectures across web, mobile, API, and cloud environmentsServe as the technical authority for access management and authentication, advising architecture reviews, security assessments, and engineering teams on secure design decisionsPerform security assessments of applications, cloud workloads, identity architectures, and vendor solutions, with a primary focus on IAM, cloud identity, and non-human identity risksServe as a senior technical contributor within the Security Review Board (SRB), leading identity-focused reviews and influencing secure architecture decisionsConduct deep technical analysis of authentication flows, authorization models, role and attribute design, privilege paths, and non-human identity usageIdentify security gaps and risks related to IGA, PAM, WAM, MFA, cloud IAM, and workload identity, and recommend remediation strategiesSupport the Information Security exception lifecycle, including:Risk analysis and documentationEvaluation of compensating controlsReassessment and expiration managementDevelop, update, and govern IAM and identity-related Security Technical Standards, reference architectures, and implementation guidanceDefine and maintain reusable security patterns, guardrails, and assessment criteria to improve consistency across SRB reviews and security assessmentsPartner with Architecture, Risk, and Engineering teams to resolve findings and guide teams toward compliant, secure designsClearly articulate technical risks, tradeoffs, and recommendations to senior technology and security leadershipTrack and assess emerging risks related to cloud privilege models, non-human identities, automation, and AI-enabled systemsSkillsBachelor's degree in Computer Science, Information Systems, or equivalent practical experience10+ years of experience in Identity & Access Management, with deep specialization in access management, authentication, and federation technologiesProven experience designing, engineering, and operating enterprise Web Access Management (WAM) platforms supporting large-scale workforce and application authenticationHands-on experience with enterprise federation and access management platforms, such as PingFederate, PingProtect, or similar technologies, including authentication policy design, federation trust configuration, and token servicesExpert-level knowledge of authentication, authorization, and federation protocols, including SAML 2.0, OAuth 2.0, and OpenID ConnectStrong experience architecting and scaling single sign-on (SSO) and federated identity solutions across web, mobile, API, and cloud-native environmentsDemonstrated experience implementing modern authentication approaches, including passwordless and phishing-resistant authentication methodsDeep understanding of multi-factor authentication (MFA) models, including adaptive, risk-based, and step-up authentication strategiesUnderstanding of the Linux OSUnderstanding of LDAPHands-on experience with API authorization and access control, including OAuth-based authorization flows and integration with API gateways or platform servicesStrong knowledge of session management, token security, and identity token lifecycle controls, including re-authentication and privilege elevation patternsPractical experience applying public key infrastructure (PKI), certificate-based authentication, and cryptographic trust models within access management and authentication architecturesAbility to serve as a technical authority and design reviewer, influencing architecture decisions and guiding engineering teams toward secure, scalable authentication solutionsProven experience delivering phishing-resistant, passwordless authentication at enterprise scale, including passkeys, FIDO2, and hardware-backed authenticatorsHands-on experience with adaptive, continuous, or risk-based authentication models, incorporating behavioral, device, and contextual signalsStrong understanding of Zero Trust access principles applied to workforce, application, and API authentication and authorizationExperience securing modern API and distributed architectures, including OAuth token exchange, delegation, and fine-grained authorization patternsFamiliarity with identity assurance and authentication strength frameworks, including step-up verification for sensitive or high-risk transactionsExperience applying modern trust and identity models for non-human and workload identities, such as SPIFFE/SPIRE, service-to-service authentication, or mTLS-based access patternsExposure to AI-enabled and agent-based access models, including authentication and authorization considerations for AI systems, agents, or platforms (e.g., MCP-based identity contexts, AI service identities, or policy enforcement for AI-driven workflows)Experience with Windows OSExperience with AWS and KubernetesUnderstanding of network flows and topologyHands-on experience with passwordless authentication platforms, such as HYPR or similar FIDO2 / passkey-based solutionsProgrammer experienceBenefitsOvertime eligible: ExemptDiscretionary bonus eligible: YesSales bonus eligible: NoEmployees are eligible for an annual discretionary bonusEmployees may also be eligible to participate in an incentive programWe provide a full package of benefits for employees – and have unique offerings for a modern workforce, including leave programs, adoption assistance, and student loan repayment programsCompany OverviewFor over 180 years, we’ve helped turn your biggest dreams into milestones that last a lifetime. It was founded in 1845, and is headquartered in Leawood, Kansas, USA, with a workforce of 10001+ employees. Its website is https://www.newyorklife.com/amn.Company H1B SponsorshipNew York Life has a track record of offering H1B sponsorships, with 19 in 2026, 148 in 2025, 99 in 2024, 85 in 2023, 77 in 2022, 48 in 2021, 65 in 2020. Please note that this does not guarantee sponsorship for this specific role.

Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Senior Manager of Financial Reporting

Remote

[Remote] Territory Sales Manager - Alberta, Manitoba, and Saskatchewan Job Details | Apex Tool Group

Remote

Accounts Receivable & Payable Specialist

Remote

Customer Service/Inside Sales Representative (Property and Casualty) - Remote - Full-Time Opportunity with a Global Leader in Customer Experience and Tech-Powered Innovation

Remote

Certified Pharmacy Technician, Fulfillment - Amazon Pharmacy

Remote

Experienced Part-Time Data Entry Clerk - Work From Home Opportunity at careerzynith

Remote

RN - Nurse Auditor - HCC Program Management

Remote

Graphic Designer, Brand Identity - Remote

Remote

Apply Now: Urgently Require Job Coach - Vocational Rehabilitation

Remote

**Experienced Entry-Level Remote Customer Success Representative – Unlocking Unlimited Growth Opportunities at arenaflex**

Remote
← Back