We are seeking a highly skilled Security Engineer to join our Cyber organization within the Identity & Access Management (IAM) team. This role focuses on designing and implementing the firms next-generation Policy Based Access Control (PBAC) solution. The ideal candidate will work closely with internal infrastructure teams to integrate on-premise, cloud, and SaaS solutions, enhancing the security and scalability of our access control frameworks. Key Responsibilities: Collaborate with internal engineering teams to design and develop a robust PBAC solution for various infrastructure platforms and services. Develop, test, and deploy PBAC integrations for both in-house developed and vendor products, following policy-as-code and GitOps methodologies. Create detailed design documentation, clearly articulating design decisions and presenting them to internal governance forums. Ensure the security, scalability, and maintainability of the PBAC solution by applying best practices in software development and cybersecurity. Support the development of secure authentication protocols (e.g., OIDC, SAML, mTLS) within the access control framework. Troubleshoot and resolve technical issues related to IAM integrations, PBAC policies, and related systems. Participate in code reviews, knowledge-sharing sessions, and continuous improvement initiatives within the IAM team. Required Qualifications: Bachelors degree in Computer Science, Information Security, or a related field. Minimum of 5 years of professional experience in Python development, including hands-on experience with CI/CD pipelines. Proficiency with containerization tools such as Docker or Podman and deploying applications to Kubernetes environments (e.g., OpenShift, AKS). Experience with declarative languages like Prolog or Rego for policy-as-code implementations. Strong understanding of secure authentication protocols such as OIDC, SAML, and mTLS. Proficiency in shell scripting and SQL, including database schema design using PostgreSQL and MongoDB. Familiarity with IAM cloud platforms such as Microsoft Azure, AWS, and Google Cloud Platform (GCP). Desired Skills (Nice to Haves): Industry certifications such as CISSP or CISM. Cloud security certifications like Microsoft Certified: Identity and Access Administrator Associate or AWS Certified Security - Specialty. Strong troubleshooting skills across various technologies, including SQL, Linux OS utilities, and PowerShell. Experience with the implementation of PBAC solutions for application authorization. Familiarity with SailPoint Identity Now or IdentityIQ IGA solutions. Excellent technical documentation skills to support clear communication of complex concepts. #J-18808-Ljbffr
Job Title
Security Engineer