Lead Engineer, Identity Management

The Lead Engineer, Identity Management is responsible for the design, engineering, and operational excellence of Sony Pictures Entertainment’s (SPE) enterprise Identity and Access Management (IAM) ecosystem, with a primary focus on Okta Identity Governance, Identity Lifecycle Management, Security Operations, and Identity Compliance initiatives.

This role leads the end-to-end engineering, configuration, and maintenance of SPE’s Identity Governance and Administration (IGA) platform, ensuring secure, compliant, and efficient management of digital identities across all user populations. The position requires deep expertise in Okta and its governance, access, and lifecycle capabilities, as well as the ability to define and enforce identity standards and policies that align with enterprise security and compliance objectives.

This role will be responsible for providing ongoing support, request fulfillment of the SPE’s IAM platform services, and provide escalation and support to internal application teams and IAM team members. This role also focuses on analyzing emerging authentication technologies to design and implement secure, intuitive, scalable, and reliable Access Management solutions that support SPE’s both internal and external users.

This role must have experience with Okta Identity Management platform.

Core Responsibilities

• Lead the design, implementation, and operations of the Okta IGA platform, including lifecycle management (Joiner–Mover–Leaver processes), access governance, and compliance controls.

• Partner with business and security stakeholders to develop and enforce identity governance policies, ensuring adherence to corporate, regulatory, and audit requirements.

• Oversee access certification campaigns, entitlement reviews, and identity attestation processes to maintain least-privilege access and compliance posture.

• Develop detailed architecture, standards, design, and implementation documentation.

• Manage directory services, including user provisioning, synchronization, and role-based access control (RBAC) models.

• Participate in or lead troubleshooting and incident resolution of complex high severity incidents.

• Plan and manage project tasks, schedules, and resources related to Identity Access Management services.

• Provide a technical expertise to various application teams in Identity Access Management and governance, to include Single Sign On, MFA, Identity Federation, Lifecycle Management, Enterprise Directory architecture and design, and resource provisioning.

• Work with internal and external application support teams to extend the use of SPE’s enterprise Identity Access Management solutions via Okta platform.

• Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.

• Understand complex business and information technology management processes.

• Responsible to install, integrate and deploy any Identity Management solutions.

• Communicate to internal users and external partners aspects of both the IAM product and the implementation at the technical and functional level appropriate for the situation

• Work with the Identity Access Management team to continue making enhancement to the SPE’s on-going Identity Access Management program.

• Support efforts regarding audit findings, adherence to compliance and organizational change.

• Responsible for working to resolve Okta system issues escalated within the service level agreement.

Qualifications

• Bachelor’s degree or equivalent applied experience

• 8+ years of experience as an Identity Engineer/Architect or similar role

• 8+ Years of direct experience with large scale enterprise level Identity Access Management (IAM) build and engineering.

• 6+ years of experience with implementing IAM solutions.

• 5+ years in software development (experience developing web applications), preferably in an agile SaaS environment.

• Proven experience designing and managing Okta Identity Governance and Administration or equivalent enterprise IGA platforms.

• Strong understanding of identity lifecycle automation, access governance, and compliance frameworks such as SOX.

• Hands-on expertise with Okta Workflows for automating identity processes and integrations.

• Experience integrating Workday (or other HR systems) as a source of truth for identity lifecycle management.

• Experience in security and implementation of best practices such as least privilege, Privileged Access Management, passwordless authentication, etc.

• Expertise in SSO, MFA, Federation, and directory integration (Active Directory, LDAP, and SCIM-based provisioning).

• Hands-on experience with scripting and automation (e.g., PowerShell, Python, or REST APIs) for identity orchestration.

• Knowledge of emerging authentication technologies and protocols.

• Okta certified professional a plus.

• Critical thinking, strategic planning, and process management skills.

• Excellent written and verbal communication skills.

• Excellent presentation and group dynamics skills.

• Proven excellence in client/partner relationship management with other Sr. leaders in IT.

• Proactive at finding solutions to complex problems.

The anticipated base salary for this position is $138,000-$167,000. This role may also qualify for annual incentive and/or comprehensive benefits. The actual base salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location of the position.

Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics.

SPE will consider qualified applicants with arrest or conviction records in accordance with applicable law.