Cloud Cybersecurity Engineer supporting multi - cloud environments for critical USAF missions. Designing, deploying, and maintaining security for AWS, Azure, Google, and Oracle Clouds.
EX
Hybrid Security Engineer – Identity, Privileged Access Management (IAM, PAM)
Posted last month
About the role
- Security Engineer at Exegy responsible for IAM & PAM. Collaborate with teams to ensure secure identity and access management.
Responsibilities
- Design, implement, and maintain IAM and PAM platforms supporting workforce, privileged, and service identities
- Enforce least-privilege access models, role-based access control (RBAC), and attribute-based access control (ABAC) where appropriate
- Implement strong authentication controls, including MFA, conditional access, and phishing-resistant authentication
- Manage privileged identities for administrative, infrastructure, cloud, and application accounts
- Eliminate shared, standing, and unmanaged privileged accounts through vaulting, just-in-time (JIT) access, and session recording
- Lead initiatives to identify and remediate over-provisioned access, orphaned accounts, and excessive entitlements
- Design and operate access review and certification processes in collaboration with GRC and business owners
- Integrate IAM with HR systems and ITSM to automate joiner, mover, and leaver workflows
- Partner with Risk and GRC teams to align IAM/PAM controls to ISO 27001, NIST, CIS Controls, and regulatory requirements
- Support security incident investigations related to identity misuse, credential compromise, or privilege escalation
Requirements
- 5+ years of experience in information security or identity engineering, with deep focus on IAM and/or PAM programs
- Hands-on experience designing, implementing, and operating enterprise IAM and PAM platforms (e.g., Azure AD / Entra ID, Okta, Ping, CyberArk, BeyondTrust, Delinea, HashiCorp Vault, or comparable solutions)
- Proven experience building and maintaining RBAC models, automating joiner-mover-leaver workflows, and leading entitlement cleanup initiatives
- Strong working knowledge of modern authentication and authorization protocols (SAML, OAuth, OIDC, LDAP, Kerberos)
- Experience integrating identity systems across cloud platforms, SaaS applications, on-prem infrastructure, and CI/CD pipelines
- Demonstrated experience reducing access-related audit findings and closing identity control gaps
- Working knowledge of common security and compliance frameworks (e.g., ISO 27001 Annex A, NIST SP 800-53, CIS Controls), with emphasis on access control and identity safeguards
- Ability to translate security and compliance requirements into practical, scalable identity controls that support business operations
- Comfortable communicating access risk, least-privilege principles, and control decisions to both technical and non-technical stakeholders
- Relevant security or identity certifications (e.g., CISSP, CISM, GIAC, or IAM/PAM vendor certifications) are beneficial but not required.
Benefits
- Health insurance
- Flexible work arrangements
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Information Systems Security Engineer (ISSE) driving cybersecurity initiatives in the Digital Modernization Sector. Supporting A&A efforts and ensuring security compliance with federal requirements.
Intern supporting occupational safety and health initiatives at ALTEN Mexico. Assisting in risk management and promoting safe work environments through regulatory compliance and innovation.
Senior SAP Security Specialist working with SAP Security solutions on customer projects. Responsible for workshops and leading consultancy in SAP Security environments.
Cybersecurity Engineer ensuring the security of IT & OT systems at ArianeGroup. Collaborating with internal teams and overseeing compliance and protection measures.
Professional focused on Cloud Security solutions and DevSecOps at innovative tech consulting firm Leega. Implementing security for AWS services and integrating security analysis tools.
Internship for building and deploying SSE/MASE system while working closely with management at I3P, a firm specialized in electrical networks.
Installs complete fall protection systems ensuring safety compliance. Managing team and quality of work on construction sites in a hybrid role.
Technicien d'installation de dispositifs antichute supervisant l'installation et la sécurité. Participer aux visites de chantier, préparer et gérer l'installation avec une autre personne.
IT Specialist ensuring smooth IT operations in a growing beauty company. Collaborate with external service providers and support internal teams with compliance and documentation.