Principal Authentication Engineer (IAM) — Vice President

We’re seeking someone to join our Authentication Engineering (IAM) team as a Principal Authentication Engineer in Cybersecurity (Identity & Access Management) to design, integrate, and operate standards-based authentication at global scale across hybrid environments—enabling secure, seamless access for our workforce and platforms.

In the Technology division, we leverage innovation to build the connections and capabilities that power our Firm, enabling our clients and colleagues to redefine markets and shape the future of our communities. This is a Lead Cybersecurity Engineering position at Vice President level , which is part of the job family responsible for to ensuring continuity and successful delivery of the firm's Modernization and Workforce Authentication.

Since 1935, Morgan Stanley is known as a global leader in financial services, always evolving and innovating to better serve our clients and our communities in more than 40 countries around the world.

What you’ll do in the role:

• Lead Hands-On Authentication Engineering : design, build, integrate, and ship secure, scalable solutions for human and non-human identities (bots, service accounts, applications, agentic systems).

• Own Enterprise Authentication & Federation : implement and harden OIDC/OAuth2, SAML, SSO, FIDO2/WebAuthn, PKI (mTLS, cert lifecycle), API auth, and Unix/Linux authentication.

• Integrate and Customize IAM Platforms : deliver end-to-end integrations across Entra ID, Ping Identity, SailPoint, CyberArk, HashiCorp Vault, HSMs, IDM/LDAP, and RCBI in cloud and hybrid environments.

• Drive Reliability and Automation at Scale : operate and evolve large-scale IAM estates with HA/DR, performance tuning, IaC (Terraform), config management (Ansible/Puppet/Chef), CI/CD, observability, and safe deployment strategies.

• Harden and Govern Identity Controls : define and enforce policies for identity lifecycle, authentication, authorization, PAM, and secrets management for human and non-human identities.

• Assess and Uplift Existing Solutions : identify risks and technical debt, deliver remediation plans, and implement secure-by-default patterns with measurable outcomes.

• Translate Architecture into Executable Work : break down complex designs into clear epics, stories, runbooks, and pipelines; produce ADRs, standards, and audit-ready documentation to align engineers, SREs, POs, and QA.

• Partner and Operate Across Teams : collaborate with product/platform leads to scale adoption; participate in on-call, lead RCAs, and drive operational excellence.

What you’ll bring to the role:

• Hands-On Principal Engineer (not architect-only) : design and implement—comfortable coding, configuring, integrating products, and shipping production outcomes.

• Deep authentication expertise : OIDC/OAuth2, SAML, SSO, FIDO2/WebAuthn, PKI (CA/RA, mTLS, cert lifecycle), API auth (JWT/mTLS), and Unix/Linux authentication at enterprise scale.

• IAM platforms & integration mastery : experience with HashiCorp Vault, HSMs, CyberArk, SailPoint, Entra ID, Ping Identity, IDM/LDAP, and RCBI—covering policy design, integration, automation, and migrations.

• Resiliency and Automation at Scale : proven experience operating IAM/auth services across large, globally distributed environments with multi-region HA/DR, performance tuning, IaC (Terraform), config management (Ansible/Puppet/Chef), CI/CD, observability; strong Shell plus Python/Go.

• Security & compliance acumen : threat modeling, least privilege, PAM, secrets management, policy-as-code, and auditability for human and non-human identities (including agentic systems).

• Systems integrator mindset : ability to customize and stitch vendor products and open standards into cohesive, well-documented solutions and APIs.

• Team enablement & communication : skill in decomposing solutions into clear epics/stories, authoring ADRs/runbooks/standards, conducting reviews, coaching engineers/SREs, and producing clear written documentation to influence stakeholders in an agile squad model.

• Enterprise & industry savvy : experience navigating large-institution environments; influencing roadmaps; driving adoption of controls and best practices; typically 10+ years in IAM engineering within complex, global settings.

WHAT YOU CAN EXPECT FROM MORGAN STANLEY:

We are committed to maintaining the first-class service and high standard of excellence that have defined Morgan Stanley for over 89 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren’t just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you’ll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There’s also ample opportunity to move about the business for those who show passion and grit in their work.

To learn more about our offices across the globe, please copy and paste into your browser.

Expected base pay rates for the role will be between $150,000 and $210,000 per year at the commencement of employment. However, base pay if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include commission earnings, incentive compensation, discretionary bonuses, other short and long-term incentive packages, and other Morgan Stanley sponsored benefit programs.

Morgan Stanley's goal is to build and maintain a workforce that is diverse in experience and background but uniform in reflecting our standards of integrity and excellence. Consequently, our recruiting efforts reflect our desire to attract and retain the best and brightest from all talent pools. We want to be the first choice for prospective employees.

It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, sex stereotype, gender, gender identity or expression, transgender, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy, veteran or military service status, genetic information, or any other characteristic protected by law.

Morgan Stanley is an equal opportunity employer committed to diversifying its workforce (M/F/Disability/Vet).