Title: Technical Lead, Identity, Access & Platform Security
Location: Hybrid, 3 days a week (must be local to Denver, CO)
As a Technical Lead focused on Identity, Access, and Platform Security, you will play a critical role in advancing enterprise security initiatives by leading the technical design and implementation of identity and platform security controls. You will act as the primary technical authority across multiple workstreams, translating security objectives into scalable, practical solutions and ensuring consistent execution across engineering teams.
This role is highly collaborative and hands-on, requiring deep expertise in identity platforms, endpoint/device management, and enterprise security architecture. You will partner closely with cybersecurity, infrastructure, and engineering teams to drive secure, resilient solutions across the organization.
This role is responsible for aligning identity and access controls with endpoint/device posture—including macOS environments—ensuring seamless integration between identity platforms (e.g., Entra ID, Conditional Access) and device management solutions (e.g., Intune, Jamf).
What You Will Do
Key Responsibilities
Core Leadership & Architecture
● Serve as the technical lead across multiple security and infrastructure workstreams, providing architecture guidance and implementation oversight
● Translate security strategy and program objectives into technical designs, implementation plans, and engineering deliverables
● Partner with cybersecurity, infrastructure, identity engineering, and endpoint teams to ensure consistent implementation of security controls
● Review and validate technical solutions to ensure alignment with enterprise security standards and architectural principles
● Act as the technical bridge between Identity, Security, and Endpoint Engineering teams, ensuring alignment across domains—particularly in environments supporting macOS devices
Identity & Access Security
● Lead initiatives focused on account security hardening and identity protection across enterprise platforms
● Design and implement Conditional Access policies and identity protection controls
● Mitigate identity-based threats such as password spray attacks and credential abuse
● Support SSO integrations and identity risk management frameworks
● Ensure alignment between identity-driven access controls (Conditional Access, MFA) and endpoint/device compliance signals across both Windows and macOS environments
Device & Platform Security
● Establish hardware and device management standards across enterprise environments
● Support and guide Apple Business Manager (ABM), Automated Device Enrollment (ADE), and macOS device lifecycle management across enterprise environments
● Ensure secure configuration baselines and compliance across endpoints
● Ensure macOS and endpoint device posture (compliance, encryption, authentication state) is integrated into identity and access control decisions (e.g., Conditional Access policies)
Monitoring, Detection & Response
● Define and support implementation of monitoring and alerting infrastructure
● Integrate identity and device signals into detection workflows
● Validate monitoring coverage for authentication risks and compliance events
● Ensure endpoint signals (including macOS devices) are incorporated into identity risk detection and response workflows
Delivery & Collaboration
● Partner with project and program leadership to track progress, manage risks, and resolve blockers
● Provide technical leadership during design, implementation, and validation phases
● Facilitate alignment across engineering teams, security stakeholders, and enterprise architecture
What You Will Bring | Required Qualifications
● 6–10+ years of experience in enterprise infrastructure, identity engineering, or cybersecurity engineering
● Experience serving as a technical lead or senior engineer on complex, cross-functional initiatives
● Strong knowledge of identity and access management (IAM), including SSO, MFA, and Conditional Access
● Experience implementing enterprise security controls and identity protection strategies
● Hands-on experience or strong working knowledge of endpoint/device management platforms (e.g., Intune, Jamf, Kandji, Workspace ONE), including environments supporting macOS devices
● Experience working in environments that include macOS/Apple devices, with understanding of how macOS integrates with identity platforms (SSO, Conditional Access, device compliance)
● Experience working with security monitoring, detection, and alerting systems
● Ability to connect device posture (compliance, enrollment, authentication state) with identity-driven access controls in a Zero Trust model
● Experience operating at a technical lead level, driving cross-functional alignment across IAM, Security, and Endpoint teams
● Strong ability to translate security requirements into scalable technical solutions
● Proven ability to collaborate across cybersecurity, infrastructure, and engineering teams
Preferred Qualifications
● Deep hands-on macOS endpoint engineering experience (e.g., Jamf, Intune macOS, ABM/ADE)
● Experience with Microsoft Entra ID / Azure AD, Conditional Access, and Identity Protection
● Experience implementing SSO integrations across enterprise applications
● Familiarity with Apple Business Manager (ABM), MDM solutions, and device enrollment programs
● Experience mitigating credential-based attacks (password spraying, brute force, etc.)
● Knowledge of SIEM/SOAR platforms and security monitoring architectures
● Background in security architecture or platform security engineering
Key Skills
● Identity & Access Management (IAM)
● Conditional Access & Identity Protection
● Enterprise Security Architecture
● Endpoint & Device Management
● macOS / Apple Device Ecosystem (ABM, ADE, MDM)
● SSO & Authentication Security
● Security Monitoring & Alerting
● Cross-Team Technical Leadership
● Risk Identification & Mitigation
● Endpoint Compliance & Device-Based Access Control
Note
This role is not a pure endpoint engineering position; however, candidates must have sufficient exposure to macOS and enterprise device management to guide implementation and validate security controls across endpoint environments.
Our Values
We’re privileged to serve a loyal customer base and build lasting relationships based on trust and mutual success. Our team delivers exceptional quality and consistency through a white-glove approach—pairing tailored solutions with practical insight to help clients thrive in an ever-evolving tech landscape.
The values we live by:
● Customer-centric Solutions
● Innovation & Excellence
● Integrity & Transparency
● Data-driven Decision Making