Manager at PwC contributing to digital transformation in Utilities through technology consulting and stakeholder management. Focused on creating strategies and providing technology solutions in a data - driven world.
About the role
- Staff Engineer in IAM at Creditas responsible for identity access systems and architecting robust security solutions for cloud environments. Leading strategy and mentoring other security engineers.
Responsibilities
- As a Staff Engineer focused on IAM, you will be the top technical authority for Identity and Access strategy at Creditas.
- Your mission is to design and implement ecosystems that ensure the right person (or machine) has the right access at the right time for the right reasons.
- You will work cross-functionally, influencing everything from corporate access governance to cloud service identities and APIs.
- Identity Architecture: Design the long-term IAM architecture, integrating multi-cloud environments, internal applications, and third-party services.
- Solution Architecture: Design and review complex authentication and authorization architectures (SSO, MFA, Passwordless) integrated with multi-cloud and on-premise environments.
- Privileged Access Management (PAM): Lead the privileged access management strategy to reduce the attack surface.
- Automation and Self-Service: Develop tools and automated workflows for provisioning, access reviews and Just-in-Time (JIT) access, reducing operational load and human error.
- Machine Identity: Define standards for non-human identities (service accounts, secrets management, and mTLS).
- Technical Leadership: Act as a mentor to other security engineers and be the reference point for platform and engineering teams on complex authentication decisions (OAuth2, OIDC, SAML).
Requirements
- Technical Expertise: Deep knowledge of identity protocols (SAML, OAuth2, OpenID Connect) and directories (Active Directory, Okta, Azure AD, or Google Workspace).
- Cloud Security: Advanced experience in Cloud IAM (AWS), including complex SCP policies, fine-grained permissions, and identity federation.
- Risk Perspective: Ability to balance strong security with the employee experience (UX), avoiding unnecessary bureaucracy.
- Experience at Scale: Experience working in environments with thousands of identities and microservices.
- Experience implementing Zero Trust Architecture.
- Availability for hybrid work: required to attend our office in the Morumbi area of São Paulo once a month for 4 consecutive days, usually during the last or first week of the month (Creditas in Person).
Benefits
- Health Plan (Alice)
- Dental Plan (SulAmérica)
- Wellz: therapy sessions 100% free
- Wellhub: access to gyms and studios
- Creditas Endurance: high-impact sports incentive program
- Pharmacy partnership (Univers)
- Life Insurance (Porto Seguro)
- Birthday day off
- Extended parental leave: 6 months for birthing parents and 35 days for non-birthing parents
- Family Care: maternity and paternity support program
- Childcare assistance
- Assistance for dependents with disabilities (PWDs)
- SESC: access to facilities for you and dependents
- Meal Voucher (VR): flexible benefits card (Creditas Card)
- Payroll loan (Creditas Benefits)
- Salary advance (Creditas Benefits)
- Insurance discounts (Minuto Seguros)
- Access to exclusive financial education content in the Creditas app
- PPR: profit-sharing program
- Educational and development incentives
- Flexible work model
- Free bike parking at the office
- Partnered parking at the office (subject to internal availability)
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Research Associate conducting advanced research in iOS security within a leading institute for applied cybersecurity. Emphasis on secure application development and vulnerability analysis.
Cybersecurity Engineer focused on threat monitoring and incident response for Verizon's network security. Collaborating on security architecture and vulnerability management across multiple locations.
Senior Manager of Application Security leading initiatives to protect applications at Nordstrom through strategic leadership and AI - driven tooling. Collaborating with engineering to ensure secure software development practices.
Information Security Engineer responsible for deploying and supporting security tools across cloud and on - premise systems. Collaborating with IT to mitigate security risks in a hybrid work environment.
Casual Retail Security Officer for MSS Security ensuring safety at Tweed Mall in Tweed Heads. Responsible for patrols, incident response, and customer service.
Financial security advisor at Desjardins developing client relationships and selling life and health insurance products. Focusing on customer satisfaction and personalized financial solutions.
Principal Information Security Consultant at Westpac focusing on security protocols and employee benefits for staff. Hybrid role centrally located with opportunities for professional development and employee perks.
Engineer supporting secure development lifecycle processes for product lines in the energy sector. Collaborating with R&D on security requirements and compliance audits.
Automation Oversight Engineer providing oversight of compliance in automated device configurations for Comcast Business. Managing configuration checks and reporting, ensuring reliable oversight and improvement strategies.