Sign In
Skip to content
← Back to job listings

Principal Engineer – Identity Governance & Administration (IGA)

Nxp · Bangalore

CybersecurityLeadQuick applyfull-time2 months ago

About The Role

Role Overview

We are seeking a Principal Engineer – Identity Governance & Administration (IGA) to serve as the technical authority and owner for enterprise-wide identity governance capabilities. This role is responsible for defining and evolving the governance, lifecycle, and policy layer that protects company intellectual property, enforces least privilege, and enables Zero Trust at scale.

This is a deeply technical, hands-on principal role with end-to-end accountability—from IGA platform evaluation and selection to governance model design, integration engineering, and long-term roadmap ownership. The ideal candidate brings expert-level experience with SailPoint, Saviynt, or equivalent enterprise IGA platforms, combined with strong systems thinking and the ability to design durable governance solutions in complex, global environments.

IGA is a Tier-0 security capability. Weak governance leads directly to over-privileged access, toxic combinations, audit failures, and elevated breach impact. This role ensures access is intentional, justified, reviewable, and continuously governed—across humans, machines, and AI-driven identities.

Key Responsibilities

  • IGA Architecture & Technical Ownership
  • Act as the principal technical owner for Identity Governance & Administration platforms and capabilities

Define, document, and evolve end-to-end IGA architecture, including

  • Identity lifecycle management
  • Access request and approval workflows
  • Role, entitlement, and policy models
  • Certification and review frameworks
  • Establish reference architectures, engineering standards, and design patterns for identity governance
  • Own the multi-year IGA roadmap aligned with enterprise security and Zero Trust strategy
  • Identity Lifecycle & Access Governance

Design and implement scalable Joiner / Mover / Leaver (JML) workflows integrated with

  • HR systems
  • Directories and IAM platforms
  • Cloud platforms and applications
  • Build and maintain RBAC, ABAC, and policy-based access models that scale across thousands of applications

Implement and optimize

  • Access request and approval flows
  • Periodic access certifications and reviews
  • Segregation of Duties (SoD) controls
  • Ensure governance coverage across human, privileged, and non-human identities
  • Governance for Non-Human, AI & Machine Identities

Define governance models for non-human identities, including

  • AI agent identities
  • Robotic Process Automation (RPA) identities
  • Service accounts, application identities, and APIs

Ensure machine and AI identities are

  • Properly onboarded, approved, and reviewed
  • Least-privileged and policy-governed
  • Auditable and lifecycle-managed
  • Prevent entitlement sprawl, orphaned access, and unmanaged machine identities
  • Integrate non-human identity governance into enterprise access reviews and compliance reporting
  • Zero Trust Enablement & Risk Reduction
  • Embed least privilege, continuous governance, and defense-in-depth into all access models
  • Partner with IAM, Security Architecture, and Cloud teams to ensure governance supports Zero Trust enforcement

Proactively identify and remediate

  • Access sprawl
  • Toxic combinations
  • Orphaned and dormant entitlements
  • Reduce blast radius by ensuring access is time-bound, role-aligned, and continuously reviewed
  • Platform Engineering, Integration & Automation
  • Evaluate, select, and implement enterprise-grade IGA platforms (SailPoint, Saviynt, or equivalent)

Engineer robust integrations with

  • Directories and IAM systems
  • Cloud platforms (AWS, Azure, GCP)
  • Enterprise and SaaS applications
  • Push beyond “tool configuration” to engineered governance solutions
  • Increase automation to reduce manual effort, operational risk, and audit friction
  • Innovation, Continuity & Technical Leadership
  • Continuously assess emerging IGA capabilities, identity standards, and automation opportunities
  • Ensure knowledge continuity and eliminate dependency on individual resources
  • Mentor senior engineers and elevate identity governance maturity across the organization
  • Make high-judgment tradeoffs between speed, risk, and long-term maintainability

Required Qualifications

Experience

  • 10+ years of experience in Identity & Access Management with deep specialization in IGA
  • Proven experience designing and operating enterprise-scale identity governance platforms

Technical Expertise

Expert-level hands-on experience with

SailPoint (IdentityIQ / IdentityNow), Saviynt, or comparable IGA platforms

Strong understanding of

  • Identity lifecycle management (JML)
  • Access governance and certification models
  • RBAC, ABAC, and policy-driven access control
  • Segregation of Duties (SoD) design and enforcement
  • Zero Trust and identity-centric security architecture

Experience integrating IGA platforms with

  • HR systems
  • Directories and IAM platforms
  • Cloud and SaaS applications
  • Strong understanding of APIs, integrations, and distributed systems
  • Architectural & Leadership Skills
  • Ability to design governance solutions that scale across global enterprises
  • Strong systems thinking and long-term architectural judgment
  • Proven ability to influence architecture and standards without formal authority
  • Comfortable operating in ambiguous, high-impact problem spaces

Preferred Qualifications

  • Experience supporting global enterprises with complex identity ecosystems
  • Strong cloud identity governance experience across AWS, Azure, and/or GCP
  • Background in security architecture, platform engineering, or large-scale SaaS systems
  • Familiarity with privileged access governance and non-human identity risk
  • Experience partnering with GRC, Audit, and Compliance teams

Why This Role Is Critical

Identity governance determines who gets access, to what, and why. Without strong IGA, Zero Trust cannot scale, audits become fragile, and security incidents have outsized impact.

This role directly protects the organization from

Over-privileged access and toxic combinations

Unmanaged AI, robotic, and service identities

Audit failures and compliance exposure

Excessive blast radius during security incidents

This position is for an engineer who wants to define how identity governance works—not just operate tools—and who understands that governance is a core security control, not an afterthought.

More information about NXP in India...

#LI-7013

This listing was posted by a verified recruiter at Nxp. Report this listing