✦ Luna Orbit — Cybersecurity

Distinguished Software Engineer - Identity

at Discover Financial Services

📍 3 Locations Unknown
Posted April 17, 2026
Salary $269K – $307K USD / year
Type Full-Time
Experience lead
Exp. Years Not specified
Education Not specified
Category Cybersecurity

Distinguished Software Engineer role focused on modernizing Identity and Access Management for a regulated financial environment. The engineer will architect a Zero Trust approach using Just-In-Time (JIT) access, policy-as-code, and adaptive risk-based authorization.

  • Architect the transition to Just-In-Time (JIT) access with zero standing privileges
  • Lead Policy-as-Code abstraction and centralized policy-based access model
  • Design authorization fabric using endpoint risk, network signals, and behavioral heuristics
  • Build Identity-as-a-Service developer APIs and self-service capabilities
  • Ensure compliance and audit standards for Identity and Access Management in a regulated landscape

This role involves designing an authorization fabric that grants and revokes access based on real-time context, including endpoint risk, network signals, and behavioral heuristics. The technical direction includes abstracting legacy Identity Governance and Administration (IGA), implementing Open Policy Agent (OPA) or similar policy engines, and building resilient, high-scale distributed systems with developer-centric Identity-as-a-Service APIs.

The ideal candidate is a distinguished technical leader in Identity with deep experience moving from Identity Governance and Administration (IGA) and standing privileges to a Just-In-Time (JIT) model. They have built or architected policy-as-code authorization using Open Policy Agent (OPA) (or similar policy engines), delivered adaptive risk-based access decisions, and designed resilient, high-scale distributed systems for a highly regulated environment.

  • Experience with Identity Governance and Administration (IGA) abstraction
  • Just-In-Time (JIT) ecosystem / zero standing privileges architecture
  • Open Policy Agent (OPA) or similar policy engines
  • Authorization fabric for Zero Trust architecture
  • Building resilient, high-scale distributed systems
  • Navigating a highly regulated financial environment and meeting compliance/audit standards
Identity, Identity Governance and Administration (IGA), Just-In-Time (JIT), zero standing privileges, Zero Trust architecture, Policy-as-Code, policy-based access, policy engines, Open Policy Agent (OPA), authorization fabric, risk-based access decisions, real-time context, endpoint risk, network signals, behavioral heuristics, authorization, access elevation, access revocation, Cloud Journey, Identity-as-a-Service, developer-centric APIs, self-service capabilities, IAM (Identity and Access Management), decoupling legacy monoliths, resilient high-scale distributed systems, regulated environment compliance, compliance and audit standards, technical leadership, code samples, blog posts, architecture, centralized policy-based access model, abstraction of IGA components
Technical advisory, Communication, Knowledge sharing, Leadership through technical contribution, Collaboration, Trusted advisor mindset, Stakeholder alignment
Industry Banking
Job Function Architect and lead Identity security modernization using policy-based, adaptive, Just-In-Time (JIT) authorization.
Role Subtype Security Architect
Tech Domains Cybersecurity

  • Must have experience with Identity Governance and Administration (IGA) abstraction
  • Must have experience with Open Policy Agent (OPA) or similar policy engines
  • Must have experience building Zero Trust / risk-based authorization systems for IAM in regulated environments
