Senior Staff Security Engineer - Cloud IAM (Microsoft Entra)

Job Title:

Location:

What you'll do:

• Design and manage enterprise-wide MFA and SSO strategies using Microsoft Entra ID (Azure AD).
• Implement and optimize conditional access, RBAC, PIM, and Just-In-Time access controls.
• Integrate Entra with SaaS, PaaS, and IaaS platforms for federated identity and seamless SSO experiences.
• Lead Zero Trust access initiatives across hybrid and multi-cloud environments.
• Monitor and respond to identity threats using Azure-native tools (Defender for Cloud, Sentinel, Microsoft Graph).
• Collaborate with cloud engineering, cybersecurity, and compliance teams to align IAM strategy with business and regulatory needs.
• Mentor junior engineers and lead IAM-related projects with a focus on secure authentication and access.

What you'll need:

• 6+ years in IAM, including 3+ years in a lead engineering role focused on cloud identity.
• Proven experience designing and managing MFA and SSO solutions at enterprise scale.
• Expertise in Microsoft Entra (Azure AD), identity federation, and modern authentication protocols (SAML, OAuth2, OIDC).
• Strong scripting and automation skills (e.g., PowerShell, Microsoft Graph, Terraform).
• Experience with Azure Security tools and cloud-native IAM in Azure and at least one other major cloud provider.
• Familiarity with financial compliance frameworks (SOX, GLBA, PCI-DSS).
• Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
• Previous leadership experience preferred.
• Advanced knowledge of general Financial Services or Banking is preferred.
• Advanced experience with logging infrastructure concepts: syslog; log parsing; log de-duping; methods for log pulling; RFC 5424; CEF Format; JSON; key value pair format; log enrichment; log maintenance; and log troubleshooting.
• Solid understanding of load balancers, DNS, SMTP, etc. for troubleshooting application functionality.
• Advanced experience of NIST, MITRE, and Administration of either or all IT Automation platforms, SOAR, Firewall, IAM platform, SIEM, cloud cyber defense platforms, etc.
• Advanced speaking and writing communication skills.

Benefits you'll love:
We offer all the important things you'd want - like competitive salaries, an ownership stake in the company, medical and dental insurance, time off, a great 401k matching program, tuition assistance program, an employee volunteer program, and a wellness program. In addition, you'll have the opportunity to bolster your business knowledge, learning the ins and outs of how successful companies operate and manage their finances, giving you invaluable hands-on experience to help grow your career!

About the company:

Western Alliance Bank is a wholly owned subsidiary of Western Alliance Bancorporation. Alliance Bank of Arizona, Alliance Association Bank, Bank of Nevada, Bridge Bank, First Independent Bank, and Torrey Pines Bank are divisions of Western Alliance Bank; Member FDIC. AmeriHome Mortgage is a Western Alliance Bank company.

Western Alliance Bancorporation is committed to equal employment and will consider all qualified applicants without regard to race, sex, color, religion, age, nation origin, marital status, disability, protected veteran status, sexual orientation, gender identity or genetic information. Western Alliance Bancorporation is committed to working with and providing reasonable accommodations for individuals with disabilities. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process and/or need an alternative method of applying, please email HR@westernalliancebank.com or call 602-386-2488. When contacting us, please provide your contact information and state the nature of your accessibility issue. We will only respond to inquiries concerning requests that involve a reasonable accommodation in the application process.

Western Alliance Bancorporation