Anaplan

Principal Engineer, Product Security & Identity

Anaplan$120K — $150K *
Enterprise Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Deep IAM/CIAM Expertise in enterprise-scale platforms
  • Expert-level knowledge of OAuth2, OIDC, SAML, and SCIM
  • Experience with IAM platforms like Auth0, Keycloak, or Ping Identity
  • Strong background in Policy-as-Code with OPA and Rego
  • Expert in access control methodologies like RBAC and ABAC
  • Understanding of LDAP/Active Directory integration
  • Knowledgeable in modern authentication mechanisms such as MFA and Passwordless

Responsibilities

  • Lead the architectural roadmap for security patterns
  • Design and implement next-gen CIAM solutions in Java/Kotlin
  • Architect access control systems using policy-as-code engines
  • Influence engineering standards for secure software development
  • Mentor and elevate the maturity of the engineering organization

Benefits

  • Flexible work environment
  • Opportunity for professional growth and mentorship
  • Collaboration with cross-functional teams
  • Involvement in high-impact security projects
  • Access to advanced tools and technologies
Full Job Description
Anaplan is the leading enterprise decision-making platform, powering the world's largest enterprises with our proprietary Hyperblock™ technology and cloud infrastructure. We are seeking a Principal Engineer to lead the architectural evolution of our Product Security and Customer Identity & Access Management (CIAM) capabilities. In this role, you will define and execute the technical strategy for secure multi-tenant isolation, modern identity migrations, and secure API-to-API communications across our highly distributed global SaaS platform.
Your Impact
  • Security Architecture & Strategy: Lead the long-term technical roadmap for platform-wide security patterns, including multi-tenant isolation, key lifecycle management, secure token issuance (JWT), secrets management, and robust API-to-API communication.
  • Modern Identity Engineering: Design and implement next-generation CIAM solutions and secure backend services (using Java/Kotlin) to migrate from legacy IAM systems to modern, highly scalable identity platforms.
  • Access Control & Policy Enforcement: Architect and operate declarative authorization systems utilizing policy-as-code engines (e.g., Open Policy Agent (OPA) with Rego-based evaluation) for granular, high-throughput access decisions.
  • Platform Standardization: Influence company-wide engineering standards and define best practices for secure-by-default software development. Lead cross-functional collaboration with core engineering teams (including API Gateway, Platform Security, and Infrastructure) to ensure consistent security postures.
  • Technical Leadership & Mentorship: Guide, mentor, and elevate the maturity of the engineering organization, promoting secure coding practices and driving threat-modeling initiatives.
Your Qualifications

Identity, Access, & Security Protocols
  • Deep IAM/CIAM Expertise: Significant software engineering experience in architecting and operating enterprise-scale Identity and Access Management platforms.
  • Standard Federation Protocols: Expert-level knowledge of OAuth2, OIDC, SAML, and SCIM user provisioning.
  • Hands-on Platform Experience: Comprehensive experience deploying and managing industry-standard IAM platforms (e.g., Auth0, Keycloak, Ping Identity, or Ory).
  • Policy-as-Code: Strong experience implementing and scaling fine-grained authorization policies using Open Policy Agent (OPA), Rego, or similar policy engines.
  • Deep, production-level expertise in architecting and implementing modern access control paradigms, including Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and Relationship-Based Access Control (ReBAC), using decoupled Policy-as-Code engines (such as Open Policy Agent/Rego or AWS Cedar)
  • Solid understanding of LDAP/Active Directory integration patterns for enterprise user authentication and centralized group management
  • Strong expertise in modern digital identity concepts, encompassing authentication mechanisms (MFA, SSO, Passwordless), and a thorough understanding of identity protocols acting as the foundation for authorization architectures


Software Engineering & Distributed Systems
  • Backend Engineering: Proven experience building high-throughput, low-latency secure microservices in JVM-based languages (Java or Kotlin).
  • System Reliability at Scale: Solid understanding of highly available (HA/DR) distributed systems, observability (metrics, logs, traces), and SRE principles.
  • API Security & Gateways: Deep experience securing API architectures and designing edge security patterns (e.g., rate limiting, token exchange, and mutual TLS).
  • Proven track record of untangling and reverse-engineering complex, monolithic legacy applications to extract undocumented business rules, and systematically translating them into modern, decoupled, Policy-as-Code authorization architectures


Compliance, Environment, & Leadership
  • Regulated Environments: Experience building, operating, and auditing identity solutions in compliance-heavy or regulated cloud environments (such as FedRAMP Moderate/High).
  • Identity Migrations: Proven track record of successfully executing seamless, zero-downtime migrations from legacy directory services or monolithic IAM systems to modern distributed CIAM frameworks.
  • Cross-Functional Leadership: Strong communication, presentation, and alignment skills, with a track record of driving complex technical initiatives across multiple business units and executive stakeholders.

#LI-SP1

About Anaplan

Anaplan is a cloud-based business planning and performance management platform that enables businesses to manage their financial and operational planning processes. The platform provides a range of solutions, including sales performance management, workforce planning, supply chain planning, and financial planning and analysis. Anaplan's platform is designed to be flexible and scalable, allowing businesses to adapt to changing market conditions and business needs. The company was founded in 2006 and is headquartered in San Francisco, California.
Learn more about Anaplan
Size
14 employees
Market Cap
$9.4 billion
Industry
Net Income
-$153.9 million
Founded
2006
5 Year Trend
+37.5%
Revenue
$447.7 million
NASDAQ

Similar Jobs

More Jobs at Anaplan

More Enterprise Technology Jobs

Find similar Principal Engineer, Product Security & Identity jobs: