Overview
On Site
USD 74,961.00 - 164,800.00 per year
Full Time
Skills
Retail
FOCUS
SSO
JIT
Provisioning
Scalability
Management
Multi-factor Authentication
Authentication
Incident Management
Collaboration
Regulatory Compliance
Security Engineering
RBAC
PIM
SAML
OIDC
OAuth
Federated Identity
Workflow
Windows PowerShell
Scripting
Microsoft
API
Terraform
Microsoft Azure
CISSP
Identity Management
Decision-making
Innovation
Energy
Leadership
Knowledge Management
Sales
Payments
Insurance
Information Security
Training
Job Details
Brightstar is an innovative, forward-thinking global leader in lottery that builds on our renowned expertise in delivering secure technology and producing reliable, comprehensive solutions for our customers. As a premier pure play global lottery company, our best-in-class lottery operations, retail and digital solutions, and award-winning lottery games enable our customers to achieve their goals, fulfill player needs and distribute meaningful benefits to communities. Brightstar has a well-established local presence and is a trusted partner to governments and regulators around the world, creating value by adhering to the highest standards of service, integrity, and responsibility. Brightstar has approximately 6,000 employees. For more information, please visit
Responsibilities
We are looking for a Principal Security Engineer - Identity Security to lead identity protection initiatives across our hybrid enterprise. This individual will be the technical owner of identity lifecycle security, focused on Microsoft Entra ID (Azure AD), RBAC, conditional access, and privileged access management. You will design and automate resilient identity architectures and lead the enforcement of least-privilege models and Zero Trust Identity frameworks.
Key Responsibilities:
Qualifications
Keys to Success
Building collaborative relationships
Decision making
Drive results
Foster innovation
Personal energy
Self-leadership
#LI-KM1 #LI-USREMOTE
At Brightstar, we consider a wide range of factors in determining compensation, including background, skills, experience, and work location. These factors can cause your compensation to vary. The estimated starting compensation range is $74,961 - $164,800. The actual pay offered may end up being higher or lower. The Company will comply with all local pay requirements and collective bargaining agreements, where applicable.
Base pay is only one part of our Total Rewards program. Sales roles may be eligible for commission payments, while other roles are eligible for discretionary bonuses. In addition, we offer employees a 401(k) Savings Plan with Company contributions, health, dental, and vision insurance, life, accident, and disability insurance, tuition reimbursement, paid time off, wellness programs, and identity theft insurance. Note: programs are subject to eligibility requirements.
All Brightstar employees have a role in information security. Annual training will be assigned and required as appropriate.
Responsibilities
We are looking for a Principal Security Engineer - Identity Security to lead identity protection initiatives across our hybrid enterprise. This individual will be the technical owner of identity lifecycle security, focused on Microsoft Entra ID (Azure AD), RBAC, conditional access, and privileged access management. You will design and automate resilient identity architectures and lead the enforcement of least-privilege models and Zero Trust Identity frameworks.
Key Responsibilities:
- Architect and secure Microsoft Entra ID (Azure AD) across federated and hybrid environments with a focus on SSO, conditional access, and authentication flows.
- Lead the deployment of robust RBAC models, JIT access via PIM, and secure provisioning/deprovisioning workflows.
- Automate identity operations using PowerShell, Microsoft Graph API, and Terraform, with emphasis on reproducibility and scalability.
- Enforce identity governance and entitlement management policies across users, apps, and services using Microsoft Entra ID Governance.
- Design and lead implementation of adaptive MFA and passwordless authentication strategies.
- Monitor for identity-based threats including token abuse, account compromise, and privilege escalation.
- Lead identity security incident response and ensure compliance with internal and regulatory policies.
- Collaborate cross-functionally with security, engineering, and compliance teams to enforce identity security across the stack.
Qualifications
- 5+ years of hands-on identity security engineering, with deep expertise in Microsoft Entra ID (Azure AD).
- Strong command of RBAC, PIM, conditional access, SAML, OIDC, OAuth2, and federated identity standards.
- Experienced in developing and deploying automation workflows using PowerShell scripting, Microsoft Graph API integration, and identity focused Terraform modules.
- Advanced understanding of hybrid identity models, AD Connect, and synchronization configurations.
- Knowledge of Zero Trust principles, modern identity threat detection, and access governance.
- Certifications such as SC-300, CIST, CIMP, CIAM, CAMS, Azure Security, CISSP, or credentials with a specialization in Identity and Access Management are strongly preferred.
Keys to Success
Building collaborative relationships
Decision making
Drive results
Foster innovation
Personal energy
Self-leadership
#LI-KM1 #LI-USREMOTE
At Brightstar, we consider a wide range of factors in determining compensation, including background, skills, experience, and work location. These factors can cause your compensation to vary. The estimated starting compensation range is $74,961 - $164,800. The actual pay offered may end up being higher or lower. The Company will comply with all local pay requirements and collective bargaining agreements, where applicable.
Base pay is only one part of our Total Rewards program. Sales roles may be eligible for commission payments, while other roles are eligible for discretionary bonuses. In addition, we offer employees a 401(k) Savings Plan with Company contributions, health, dental, and vision insurance, life, accident, and disability insurance, tuition reimbursement, paid time off, wellness programs, and identity theft insurance. Note: programs are subject to eligibility requirements.
All Brightstar employees have a role in information security. Annual training will be assigned and required as appropriate.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.