[Remote] Corporate Vice President - Lead AI Engineer, Identity & Access Management Job Details | New York Life Insurance Co

Remote Full-time
Note: The job is a remote job and is open to candidates in USA. New York Life is a Fortune 100 mutual company with a legacy of purpose and integrity. They are seeking a Lead AI Engineer in Identity & Access Management to design, develop, and deliver AI-driven solutions while providing technical leadership and mentorship across the cybersecurity team.

Responsibilities

- Own the engineering, configuration, and ongoing operation of the enterprise IAM Orchestration and MCP Identity Gateway platform
- Drive onboarding and adoption across internal teams, applications, and AI agents, serving as the primary technical point of contact for integration efforts
- Engineer and maintain the gateway as the centralized enforcement layer for OAuth 2.0-based authentication, token delegation, and policy-driven authorization (via OPA) across human and non-human access patterns
- Design and implement MCP integrations that expose backend enterprise systems as standardized, secure tool endpoints consumable by AI agents
- Ensure the platform provides robust rate limiting, quota management, kill-switch controls, and full audit logging in alignment with enterprise risk and compliance requirements
- Collaborate with identity platform teams (IDP, PAM, IGA, Directory Services) to maintain seamless identity orchestration across the enterprise stack
- Define and execute an integration roadmap to extend gateway capabilities, including human-in-the-loop controls and cross-cloud identity flows
- Lead the design, development, and phased delivery of the Cyber Multi-Agent Ecosystem, functioning as the primary AI engineer and technical lead for the initiative
- Architect and implement a centralized, multi-agent platform on Gemini Enterprise Agent Platform (FKA Vertex) and/or Amazon AgentCore, integrating MCP tooling, vector databases, and retrieval-augmented generation (RAG) architectures for intelligent Cyber and IAM automation
- Develop and operationalize AI agents across Cyber sub-domains including Identity Governance (UAG), Privileged Access Management (PAM), Web Access Management (WAM), Active Directory, and LDAP enabling end-to-end workflow automation and near real-time SLAs
- Design and implement Agent Card standards, a Central Agent Registry, and Agent-to-Agent (A2A) communication protocols to support a governed, extensible multi-agent operating model
- Build an OPA-based policy engine for runtime authorization, Separation of Duties (SoD) enforcement, and governance across all agents and pipelines
- Establish AI inventory and lifecycle management practices to ensure all deployed agents are registered, governed, audited, and compliant with enterprise security standards
- Define and enforce Secure Development & Deployment (SDD) guardrails for the agentic ecosystem, including controls for prompt injection mitigation, execution isolation, and unsafe automation prevention
- Partner with AI platform, data engineering, and cloud infrastructure teams to architect and finalize the unified data layer (databases, vector stores, caching) that underpins the agentic ecosystem
- Provide technical leadership and mentorship to sub-domain teams (UAG, PAM, WAM, AD, LDAP), enabling each team to contribute agents and tools aligned to central standards
- Maintain strong delivery governance — managing the linkage between Jira backlog, agent development, and production execution to ensure traceability and accountability end-to-end
- Drive POC-first, incrementally scaled rollout across IAM domains, building reusable agentic components centrally for re-use across the ecosystem
- Serve as the CISO organization’s designated representative on the Enterprise Security Review Board (SRB), providing authoritative security assessment and approval recommendations for all AI-related submissions
- Assess AI system and agentic workflow proposals for security risk, including prompt injection, privilege escalation, unauthorized data access, synthetic identity abuse, and unsafe automation patterns
- Evaluate proposed AI architectures for alignment with enterprise IAM, zero trust, and cloud security standards prior to production approval
- Provide clear, actionable security guidance and remediation requirements to AI development and product teams during the SRB process
- Maintain and evolve the enterprise AI security governance framework, contributing to standards, guardrails, and reference architectures leveraged across the organization
- Represent the CISO organization credibly across cross-functional governance forums, including Architecture Review Boards and enterprise AI working groups
- Design and implement identity, authentication, and authorization solutions for both traditional and AI-enabled systems, treating AI agents as first-class non-human identities
- Define and enforce lifecycle management, access controls, and revocation for autonomous agents, machine identities, and service accounts using least-privilege principles
- Implement delegated and “on-behalf-of” authorization patterns to distinguish human-initiated from agent-initiated actions for audit and compliance purposes
- Apply least-privilege and scope-limiting controls to prevent privilege escalation in automated and multi-agent workflows
- Design and support enterprise IAM solutions across Identity Governance & Administration (IGA), Privileged Access Management (PAM), Web Access Management (WAM), and Directory Services
- Integrate IAM controls across hybrid and cloud environments, with strong hands-on experience in GCP and AWS
- Implement modern authentication and authorization frameworks including OAuth 2.0, MFA, and passwordless authentication

Skills

- Bachelor's degree in Computer Science, Information Systems, Engineering, or equivalent practical experience
- 10+ years of combined experience in identity & access management, security engineering, and/or AI/software engineering — with a demonstrated track record of both hands-on development and technical leadership
- Strong hands-on experience building and deploying AI agents and agentic pipelines on Google Cloud Platform (GCP), with specific expertise in Gemini Enterprise Agent Platform (FKA Vertex)
- Hands-on experience with Amazon AgentCore or equivalent managed agentic AI frameworks (e.g., AWS Bedrock Agents) for deploying and securing AI agent workflows at scale
- Demonstrated experience as an AI engineer or AI developer: writing production code, building agent frameworks, integrating LLMs into operational systems, and designing multi-agent orchestration architectures
- Working knowledge of multi-agent orchestration patterns, retrieval-augmented generation (RAG) architectures, vector databases, MCP tooling, and Agent-to-Agent (A2A) communication protocols
- Experience building or operating an IAM Orchestration or MCP Identity Gateway platform, with hands-on knowledge of OAuth 2.0 token flows, policy-as-code enforcement (OPA or equivalent), and identity-aware API gateway patterns
- Experience securing agentic systems against prompt injection, privilege escalation, execution boundary violations, and unsafe automation, embedding these controls into the development lifecycle
- 7+ years of IAM domain experience across Identity Governance & Administration (IGA), Privileged Access Management (PAM), Web Access Management (WAM), and/or Directory Services
- Proven experience managing non-human identities (service accounts, APIs, workloads, autonomous agents) using least privilege and lifecycle governance principles
- Deep understanding of identity and access protocols: OAuth 2.0, OpenID Connect (OIDC), SAML, LDAP, and modern token-based authorization models
- Strong software engineering and automation skills (Python, PowerShell, Java or equivalent) with demonstrated ability to deliver production systems, not just prototypes
- Experience with enterprise IAM platforms such as SailPoint (IGA), CyberArk (PAM), PingFederate/PingIdentity (WAM/Federation), and directory services (Active Directory, LDAP)
- Demonstrated ability to lead cross-functional technical delivery, mentor engineers, and drive alignment across organizational boundaries
- Strong communication skills and able to articulate complex AI and security concepts clearly to both technical teams and executive or governance audiences
- Familiarity with machine and workload identity standards (e.g., SPIFFE/SPIRE, workload identity federation, secrets management)
- Experience designing Agent Card standards, Central Agent Registries, and governed A2A communication frameworks in a multi-agent environment
- Experience establishing AI inventory and lifecycle management practices for autonomous agents in enterprise production environments
- Exposure to policy-as-code and fine-grained authorization models beyond OPA (e.g., Cedar, attribute-based access control frameworks)
- Experience supporting Zero Trust architectures and cloud-native security patterns
- Prior experience serving on or supporting a Security Review Board or Architecture Review Board, particularly for AI or cloud system proposals
- Prior experience in a large enterprise or regulated financial services environment
- Relevant certifications (e.g., Google Professional Cloud Security Engineer, Google Professional ML Engineer, AWS Security Specialty, AWS Machine Learning Specialty, SailPoint, CyberArk, CISSP, CISM)

Benefits

- Overtime eligible: Exempt
- Discretionary bonus eligible: Yes
- Sales bonus eligible: No
- Additionally, employees are eligible for an annual discretionary bonus.
- In addition to base salary, employees may also be eligible to participate in an incentive program.
- We provide a full package of benefits for employees – and have unique offerings for a modern workforce, including leave programs, adoption assistance, and student loan repayment programs.
- Based on feedback from our employees, we continue to refine and add benefits to our offering, so that you can flourish both inside and outside of work.

Company Overview

For over 180 years, we’ve helped turn your biggest dreams into milestones that last a lifetime. It was founded in 1845, and is headquartered in Leawood, Kansas, USA, with a workforce of 10001+ employees. Its website is https://www.newyorklife.com/amn.

Company H1B Sponsorship

New York Life has a track record of offering H1B sponsorships, with 19 in 2026, 148 in 2025, 99 in 2024, 85 in 2023, 77 in 2022, 48 in 2021, 65 in 2020. Please note that this does not guarantee sponsorship for this specific role.
