Lead the development and execution of a robust Cybersecurity Program for Field, an Energy Storage Provider. Responsible for compliance standards and effective controls across IT & OT environments.
EX
Hybrid Security Engineer – Identity, Privileged Access Management (IAM, PAM)
Posted last week
About the role
- Security Engineer at Exegy responsible for IAM & PAM. Collaborate with teams to ensure secure identity and access management.
Responsibilities
- Design, implement, and maintain IAM and PAM platforms supporting workforce, privileged, and service identities
- Enforce least-privilege access models, role-based access control (RBAC), and attribute-based access control (ABAC) where appropriate
- Implement strong authentication controls, including MFA, conditional access, and phishing-resistant authentication
- Manage privileged identities for administrative, infrastructure, cloud, and application accounts
- Eliminate shared, standing, and unmanaged privileged accounts through vaulting, just-in-time (JIT) access, and session recording
- Lead initiatives to identify and remediate over-provisioned access, orphaned accounts, and excessive entitlements
- Design and operate access review and certification processes in collaboration with GRC and business owners
- Integrate IAM with HR systems and ITSM to automate joiner, mover, and leaver workflows
- Partner with Risk and GRC teams to align IAM/PAM controls to ISO 27001, NIST, CIS Controls, and regulatory requirements
- Support security incident investigations related to identity misuse, credential compromise, or privilege escalation
Requirements
- 5+ years of experience in information security or identity engineering, with deep focus on IAM and/or PAM programs
- Hands-on experience designing, implementing, and operating enterprise IAM and PAM platforms (e.g., Azure AD / Entra ID, Okta, Ping, CyberArk, BeyondTrust, Delinea, HashiCorp Vault, or comparable solutions)
- Proven experience building and maintaining RBAC models, automating joiner-mover-leaver workflows, and leading entitlement cleanup initiatives
- Strong working knowledge of modern authentication and authorization protocols (SAML, OAuth, OIDC, LDAP, Kerberos)
- Experience integrating identity systems across cloud platforms, SaaS applications, on-prem infrastructure, and CI/CD pipelines
- Demonstrated experience reducing access-related audit findings and closing identity control gaps
- Working knowledge of common security and compliance frameworks (e.g., ISO 27001 Annex A, NIST SP 800-53, CIS Controls), with emphasis on access control and identity safeguards
- Ability to translate security and compliance requirements into practical, scalable identity controls that support business operations
- Comfortable communicating access risk, least-privilege principles, and control decisions to both technical and non-technical stakeholders
- Relevant security or identity certifications (e.g., CISSP, CISM, GIAC, or IAM/PAM vendor certifications) are beneficial but not required.
Benefits
- Health insurance
- Flexible work arrangements
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Cyber Security Engineer at Interact safeguarding assets against cyber threats. Proactively identifying vulnerabilities, mitigating risks, and collaborating with cross - functional teams.
Cloud Security Engineer ensuring secure solutions in the cloud for UMB's technology. Collaborating with teams to define security controls and integrate best practices.
AVP, Cloud Security Engineer responsible for designing and managing cloud security solutions at Synchrony. Collaborating with teams to ensure compliance and mitigate security risks.
Werkstudent Homologation Passive Sicherheit supporting international vehicle type approval at BMW. Collaborating on documentation, project management, and engaging with global markets.
Analista Pleno de Conscientização em Segurança da Informação at Riachuelo developing and executing training initiatives. Collaborating with various departments to improve awareness on information security.
Security Engineer responsible for defining security architecture for systems and applications in the technology area. Collaborating with multiple teams for risk mitigation and compliance.
Leading Security Governance & Assurance team focused on information security management systems at Xecuro GmbH. Collaborating with team on regulatory compliance and development opportunities.
Employment Security Representative providing job placement assistance and career counseling for Broward County residents. Supporting workforce development through training and employment opportunities.
Security Architect Engineer at S&P Global designing and maintaining cybersecurity architecture. Leading security initiatives and architecture reviews for enterprise security strategies.