Manager of Identity Platform

At Wizards of the Coast, we connect people around the world through play and imagination. From our genre-defining games like Magic: The Gathering® and Dungeons & Dragons® to our growing multiverse, we continue to innovate and build new ways to foster friendship and connection. That’s where you come in!

We are seeking a technically strong, security-minded Manager, Identity Platform Engineering to own the enterprise identity fabric that protects our people, systems, and IP across all internal studios and cloud environments. This leader owns our Single Sign-On, Identity Governance & Administration, Privileged Access Management, directory services, and the zero-trust access architecture that spans our multi-studio AWS environment.

What You’ll Do:

• Own, evolve, and streamline the full identity platform stack — Okta, Microsoft Entra ID, AWS IAM Identity Center, Saviynt, and CyberArk — ensuring it is reliable, secure, and aligned to our zero-trust architecture
• Drive zero-trust and least-privilege access through RBAC enforcement, Separation of Duties controls, and continuous access certification campaigns across all studio environments
• Build and operate end-to-end Joiner-Mover-Leaver (JML) automation so that access follows people, not tickets — provisioning before Day 1, terminations propagated to all systems in under 15 minutes
• Lead the Non-Employee Identity Program — contractors, vendors, and studio partners managed through a governed onboarding portal with scoped access, defined expiry, and quarterly re-certification
• Partner with Information Security to implement AI-assisted anomaly detection through Okta Identity Threat Protection and Saviynt analytics, closing the loop from detection to remediation
• Own the studio identity onboarding playbook for new acquisitions — federating legacy and esoteric IdPs into Okta via SAML/OIDC and delivering a standardized onboarding process in 30 days or fewer
• Lead, coach, and grow a team of identity engineers — setting high standards for documentation, runbook hygiene, and platform reliability

What You’ll Bring:

• 7+ years of Identity & Access Management experience, with at least 2 years in a leadership or management role
• Deep hands-on expertise with Okta Identity Cloud — SSO federation, Workflows, Universal Directory, and adaptive MFA
• Proven experience with Microsoft Entra ID — user/group lifecycle, Entra ID Connect sync, and Conditional Access policies
• Strong working knowledge of AWS IAM and AWS IAM Identity Center — permission set design, account federation, and ephemeral credential patterns
• Experience implementing IGA solutions (Saviynt, SailPoint, or equivalent) — lifecycle automation, access certifications, and SoD enforcement
• Hands-on experience with Privileged Access Management tooling such as CyberArk or BeyondTrust
• Solid understanding of identity protocols: SAML 2.0, OIDC, OAuth 2.0, SCIM, and LDAP/AD
• Experience managing identity programs across multi-studio, multi-tenant, or multi-subsidiary environments
• Track record of building and developing high-performing technical teams
• Passionate about automation-first operations and security-by-design principles

In compliance with local law, we are disclosing the compensation range for this role. The range listed is just one component of Wizards of the Coast’s total compensation package for employees. Employees may also be eligible for annual and long-term incentives. In addition, Wizards of the Coast provides a variety of benefits to employees. Here’s a look at what your benefits package may include: Medical, Dental & Vision Insurance, Paid Vacation Time & Holidays, Generous 401(k) match, Paid Parental Leave, Volunteer Program, Employee Giving & Matching Gifts Programs, Tuition Reimbursement, Product Discounts, and more.

Wizards is committed to equality of opportunity in all aspects of employment. We are committed to making all employment decisions without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, marital status, or any other legally protected status.

The above is intended to describe the general content of and the requirements for satisfactory performance in this position. It is not to be construed as an exhaustive statement of the duties, responsibilities, or requirements of the position.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. If you are selected to move forward in our application process and need to request an accommodation, please let your recruiter or coordinator know.