****About Applied Intuition
Applied Intuition, Inc. is powering the future of physical AI. Founded in 2017 and now valued at $15 billion, the Silicon Valley company is creating the digital infrastructure needed to bring intelligence to every moving machine on the planet. Applied Intuition services the automotive, defense, trucking, construction, mining and agriculture industries in three core areas: tools and infrastructure, operating systems, and autonomy. Eighteen of the top 20 global automakers, as well as the United States military and its allies, trust the company’s solutions to deliver physical intelligence. Applied Intuition is headquartered in Sunnyvale, California, with offices in Washington, D.C.; San Diego; Ft. Walton Beach, Florida; Ann Arbor, Michigan; London; Stuttgart; Munich; Stockholm; Bangalore; Seoul; and Tokyo. Learn more at applied.co.
We are an in-office company, and our expectation is that employees primarily work from their Applied Intuition office 5 days a week. However, we also recognize the importance of flexibility and trust our employees to manage their schedules responsibly. This may include occasional remote work, starting the day with morning meetings from home before heading to the office, or leaving earlier when needed to accommodate family commitments.
About the role
We are seeking a hands-on Technical Lead to own identity end-to-end, from foundational IDP architecture through to privileged access, secrets management, and access governance for AI agents. This is a senior individual contributor role with broad technical scope and direct influence on identity engineering, security, and compliance outcomes. You will set direction, drive implementation, and operate as the primary identity expert across the organization.
At Applied Intuition, you will:
- Define the long-term IAM strategy, roadmap, and operating model across the enterprise and product ecosystem.
- Assess and mature the current-state Identity Provider (IDP) architecture, identifying gaps and driving the path to a resilient, scalable design.
- Drive all identity systems toward Zero Trust principles - secure, scalable, and frictionless by default.
- Automate the full identity lifecycle beyond traditional IGA joiner-mover-leaver (JML) processes.
- Implement and enforce RBAC for human and non-human identities at scale.
- Define and operationalize least-privilege policies across all systems and environments.
- Centralize secrets management - keys, tokens, certificates - across cloud and enterprise environments.
- Design and deliver Privileged Access Management (PAM) for admin accounts spanning enterprise IT and cloud engineering.
- Implement a scalable access management model for AI agents and bots.
- Collaborate with IT Apps and infrastructure teams to enforce and enable SSO across the enterprise.
- Own the implementation and governance of authentication protocols (SAML, OIDC, OAuth 2.0) and modern identity standards.
- Partner with engineering, security, IT, compliance, and product teams to deliver access management capabilities that enable the business and satisfy audit requirements.
- Translate complex identity requirements into clear, executable technical plans and communicate tradeoffs to senior stakeholders.
We're looking for someone who has:
- 8 - 12+ years in identity engineering, security engineering, or a closely related discipline.
- Hands-on architecture or engineering experience in cloud environments (AWS, GCP, or Azure).
- Demonstrated track record of leading complex, cross-functional IAM programs from design through production.
- Deep expertise in modern IAM technologies: directories (LDAP/AD), IDPs, federation, and authentication protocols (SAML, OIDC, OAuth 2.0).
- Practical experience implementing Zero Trust identity models and PAM frameworks.
- Strong understanding of identity governance, IGA tooling, and role lifecycle management.
- Hands-on experience with secrets management platforms (e.g., HashiCorp Vault, AWS Secrets Manager, GCP Secret Manager).
- Experience with non-human identity and machine identity management in large-scale environments.
- Experience building access controls for AI workloads, agents, or service accounts at scale.
- Familiarity with SCIM provisioning and automated IGA workflows.
- Excellent communication and influencing skills - you can make identity concepts accessible to non-technical audiences and drive alignment without authority.
Nice to have:
- Security certifications such as CISSP, GIAC, or similar.
- Solid grasp of compliance frameworks relevant to identity (SOC 2, ISO 27001, NIST, or similar) and experience supporting audit processes.
Compensation at Applied Intuition for eligible roles includes base salary, equity, and benefits. Base salary is a single component of the total compensation package, which may also include equity in the form of options and/or restricted stock units, comprehensive health, dental, vision, life and disability insurance coverage, 401k retirement benefits with employer match, learning and wellness stipends, and paid time off. Note that benefits are subject to change and may vary based on jurisdiction of employment.
Applied Intuition pay ranges reflect the minimum and maximum intended target base salary for new hire salaries for the position. The actual base salary offered to a successful candidate will additionally be influenced by a variety of factors including experience, credentials & certifications, educational attainment, skill level requirements, interview performance, and the level and scope of the position.
Please reference the job posting’s subtitle for where this position will be located. For pay transparency purposes, the base salary range for this full-time position in the location listed is: $180,000 - $230,000 USD annually.
Don’t meet every single requirement? If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.
Applied Intuition is an equal opportunity employer and federal contractor or subcontractor. Consequently, the parties agree that, as applicable, they will abide by the requirements of 41 CFR 60-1.4(a), 41 CFR 60-300.5(a) and 41 CFR 60-741.5(a) and that these laws are incorporated herein by reference. These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity or national origin. These regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disability. The parties also agree that, as applicable, they will abide by the requirements of Executive Order 13496 (29 CFR Part 471, Appendix A to Subpart A), relating to the notice of employee rights under federal labor laws.