What the Principal Identity Governance and Administration does at Worldwide

The Principal Identity Governance and Administration leads the architecture, engineering, automation, and operational delivery of enterprise IAM capabilities at Worldwide. Reporting to the Senior Director of IAM, this hands-on technical leader designs, builds, and operates scalable identity solutions across a complex, regulated, global environment, including assisting with the selection and implementation of a new IAM platform. The Principal partners with Security, Infrastructure, Cloud, DevOps, Application, and business teams to modernize authentication and access models, standardize lifecycle processes, and strengthen governance across the enterprise.

What you will do

• Architect, design, implement, and support enterprise IAM solutions for workforce, privileged, service, and application identities.

• Serve as a technical authority for Microsoft Entra ID, including Conditional Access, MFA, SSO, PIM, access reviews, and identity protection capabilities.

• Design and support hybrid identity solutions spanning Active Directory, Azure, Entra ID, and cloud/SaaS platforms.

• Lead hands-on engineering and automation efforts using PowerShell, Microsoft Graph, REST APIs, and related tooling.

• Develop and mature IAM integration patterns for enterprise applications using SAML, OAuth, OpenID Connect, SCIM, LDAP, and related identity standards where applicable.

• Support the design and implementation of role-based access control (RBAC), least privilege, privileged access governance, and lifecycle management processes.

What you will bring to the role

• Extensive hands-on experience in IAM architecture, engineering, and operational delivery.

• Deep technical expertise with Microsoft Entra ID, Azure, Active Directory, PowerShell, and identity-related Microsoft cloud services.

• Experience with SQL or relational data platforms for reporting, reconciliation, and analysis.

• Understanding of authentication and federation protocols such as SAML, OAuth 2.0, OpenID Connect, Kerberos, LDAP, and SCIM.

• Strong analytical, troubleshooting, and problem-solving capabilities in complex enterprise environments.

• Experience implementing enterprise-grade IGA tools (e.g., SailPoint, Saviynt, Okta)

Your experience

• Bachelor’s degree in Information Technology, Information Security, Computer Science, or a related field; equivalent relevant experience may be considered. Advanced degree preferred.

• 8+ years of progressive experience in Identity and Access Management, security engineering, infrastructure engineering, or related technical disciplines.

• Prior experience providing technical direction, making architecture decisions, and leading engineering execution.

• Demonstrated success designing and implementing IAM solutions in enterprise environments.

• Advanced hands-on experience with PowerShell automation and Microsoft identity technologies.

• Experience with Azure, Active Directory, enterprise application integration, and identity federation technologies.

• Relevant industry certifications such as CISSP, CISM, Microsoft security/identity certifications, Azure certifications, or related credentials are a plus.