Engineering Manager - Access Management, Authorization & Identity Governance

We are seeking an exceptional Senior Engineering Manager with deep expertise in Access Management, Authorization and Identity Governance specifically focused on authorization frameworks and access control models. This is a highly technical leadership role requiring someone who can both architect strategic solutions and actively contribute to hands-on implementation using Java & Spring framework.

The candidate should demonstrate the ability to continuously raise the performance bar for self and team while serving as a strong change leader who drives positive organizational and technical transformation. Proven track record of building highly scalable, resilient platforms with strong customer obsession, proactive production monitoring, and uncompromising quality.

The candidate should bring an innovative, out-of-the-box mindset to solve complex enterprise challenges and deep AI expertise to modernize engineering processes and architect AI-native solutions (agents, MCPs) across hybrid SaaS, cloud, and custom enterprise ecosystems.

Develop and execute a comprehensive Access Management and Governance strategy centered on authorization, access control models (RBAC, PBAC, ABAC, ReBAC), and policy enforcement
Lead the design, implementation, and optimization of identity governance platforms and authorization solutions with hands-on contributions to architecture, coding, and database schema design
Design and implement authorization flows using OAuth 2.0, OpenID Connect, and policy decision frameworks (OPA, XACML, Cedar)
Ensure compliance with regulatory requirements (GDPR, CCPA, SOX, HIPAA, PCI-DSS) through robust access controls
Evaluate and integrate AI/ML capabilities for intelligent access decisions and policy recommendations
Build, lead, and mentor a high-performing engineering team fostering technical excellence and continuous improvement

Minimum of 10 years in Identity and Access Management domains, with at least 3 years in engineering leadership roles
Expert-level programming skills in Java and Spring Framework (required) with ability to contribute to production code
Deep expertise in data modeling, database schema design, and relational database design for identity and access management systems
Strong expertise in implementing and optimizing RBAC, PBAC, ABAC, and ReBAC (Relationship-Based Access Control) models
Hands-on experience with OAuth 2.0, OpenID Connect, and policy engines (OPA, XACML, Cedar)
Demonstrated ability to lead technical teams and deliver complex projects on time
Excellent communication skills to convey technical concepts to business and executive stakeholders

Experience with cloud-based identity solutions (AWS IAM, Azure AD PIM, GCP IAM, Okta) and multi-cloud governance
Experience applying AI/ML for intelligent access decisions, anomaly detection, and behavioral analytics
Understanding of zero trust architecture, continuous authorization, and DevSecOps practices
Knowledge of containerization (Docker, Kubernetes) authorization models and API gateway security

Get ready to do something great when you join the Apple Identity Management team that’s responsible for all of Apple’s identity and access management. The people who work here have re-invented and defined the security standards for protecting customer data with innovative software solutions. The same dedication to innovation is also applied to our business practices - leaving the world a more secure place than we found it. Do you want to help deliver the next innovation in security and user experience for Apple ?
Our teams foster a collaborative environment with creative, smart & fun people using state of the art technologies. Come and join us in building solutions that have a worldwide impact.

At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $198,300 and $342,800, and your base pay will depend on your skills, qualifications, experience, and location.

Apple employees also have the opportunity to become an Apple shareholder through participation in Apple’s discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple’s Employee Stock Purchase Plan. You’ll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses — including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits

Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.

Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant

At Apple, we believe accessibility is a fundamental human right. You’ll find that idea reflected in everything here — in our culture, our benefits and our digital tools. By welcoming as many perspectives as possible, we help you build a career where you feel like you belong.

Learn about accessibility in Apple’s workplace

Learn about reasonable accommodations for job applicants

Apple accepts applications to this posting on an ongoing basis.