Senior Cyber Security Engineer (IAM/PAM - DevSecOps)

Responsibilities

• Design, implement, and maintain PAM solutions (e.g. CyberArk) 
• Architect and manage IAM solutions, including SSO, MFA, and directory services (e.g. ForgeRock) 
• Configure and manage Vulnerability/Patch Management solutions (e.g. Qualys) 
• Develop and maintain secure authentication and authorization workflows across enterprise applications 
• Create automated PAM/IAM processes to integrate with DevOps workflows and CI/CD pipelines 
• Implement privileged session management, recording, and monitoring capabilities 
• Design and manage secrets management solutions for application and infrastructure credentials 
• Develop secure coding practices and security requirements for identity-related components 
• Create CI/CD pipeline integrations that automate security testing and credential management 
• Implement least privilege access models throughout infrastructure and applications 
• Configure and maintain Just-In-Time (JIT) access and ephemeral privilege solutions 
• Conduct regular security assessments of PAM/IAM infrastructure and implementation 
• Automate security controls for onboarding/offboarding identity lifecycle management 
• Develop API security governance for identity-related services 
• Create and maintain system documentation and security architecture diagrams 
• Monitor security events related to privileged access and identity systems 
• Collaborate with development, operations, and security teams to embed identity security throughout SDLC 
• Implement risk-based authentication and authorization mechanisms 
• Lead security platforms incident response and participate in security incident handling 
• Participate on after-hours On-Call support for security-related incidents 

Requirements

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field 
• 7+ years of experience in information security or cybersecurity roles 
• Minimum 3+ years of hands-on experience with PAM solutions (CyberArk preferred) 
• Minimum 3+ years of experience with IAM/MFA/SSO platforms (ForgeRock preferred) 
• Minimum 2+ years of experience with Vulnerability and Patch Management platforms (Qualys preferred) 
• Experience implementing DevSecOps methodologies and embedding security in CI/CD pipelines 
• Strong knowledge of secure access models, authorization frameworks, and federation protocols 
• Experience with security automation and API-driven security controls 
• Knowledge of cloud IAM services and integration patterns 
• Experience with infrastructure as code tools (Terraform, CloudFormation, Ansible, etc.) 
• Understanding of container security and orchestration platforms (Docker, Kubernetes) 
• Familiarity with compliance frameworks requiring strong identity controls  
• Strong analytical and problem-solving abilities 
• Excellent communication skills and ability to collaborate across technical teams 

Additional Skills (Good to have)

• Proficiency in scripting and programming languages (PowerShell, Python, Bash, etc.) 
• Experience with other PAM solutions (BeyondTrust, Delinea, etc.) 
• Knowledge of Zero Trust architecture implementation 
• Familiarity with OAuth 2.0, OIDC, SAML, and SCIM protocols 
• Experience with SIEM integration for identity-related events 
• Background in security architecture and framework development 
• Experience with secrets management solutions (e.g. HashiCorp Vault) 
• Knowledge of advanced encryption implementation and key management 
• Understanding of biometric authentication technologies 
• Experience with web application firewalls (WAF) and API gateways 
• Familiarity with GitOps security principles 
• Background in identity governance and administration (IGA) 
• Experience with user behavior analytics and identity threat detection 
• Knowledge of PKI infrastructure and certificate management 
• CISSP, CISM, or other advanced security certifications 
• Experience with machine identity management and non-human identities