Non-Human Identity Security Engineer III
Edward Jones · St Louis, MO · Today
HybridFull-time
About the role
We are seeking a highly technical, hands-on Senior Non-Human Identity Engineer to lead the engineering, automation, onboarding, remediation, and operational management of non-human identities across the enterprise.
Responsibilities
- Engineer, implement, and support enterprise non-human identity solutions across cloud, on-premises, and hybrid environments.
- Develop and maintain automated provisioning, credential rotation, secret management, certificate lifecycle management, and deprovisioning processes.
- Perform onboarding and migration of service accounts, managed identities, workload identities, application accounts, and machine credentials into enterprise identity management platforms.
- Configure, deploy, and support privileged access controls for non-human identities using PAM and secrets management technologies.
- Work directly with development, application, and infrastructure teams to eliminate hardcoded credentials and replace legacy authentication methods with modern identity solutions.
- Design, build, and maintain automation using PowerShell, Python, REST APIs, Terraform, and other scripting or orchestration technologies.
- Integrate identity controls into CI/CD pipelines and DevSecOps workflows.
- Troubleshoot and resolve authentication, authorization, federation, certificate, token, and credential-related issues across enterprise applications.
- Support large-scale remediation initiatives involving dormant service accounts, excessive permissions, unmanaged secrets, and identity-related security vulnerabilities.
- Configure and administer identity platforms, including directory services, cloud identity providers, PAM solutions, certificate authorities, and secrets vaults.
- Monitor non-human identity activity and investigate suspicious authentication events, credential misuse, or policy violations.
- Create operational runbooks, implementation guides, engineering standards, and technical documentation.
- Partner with Security Operations and Incident Response teams during investigations involving machine identities and application credentials.
- Participate in after-hours support activities, major incident response, and maintenance activities when required.
Requirements
- Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Engineering, or equivalent experience.
- 5+ years of hands-on experience in Identity and Access Management, Cybersecurity Engineering, Infrastructure Engineering, or Cloud Security.
- 3+ years of direct experience managing non-human identities, service accounts, application identities, workload identities, or machine authentication technologies.
- Strong hands-on experience administering Microsoft Entra ID, Active Directory, or similar identity platforms.
- Experience implementing and supporting secrets management, credential vaulting, and privileged access solutions.
- Strong scripting and automation skills using PowerShell, Python, Bash, or similar technologies.
- Experience working with OAuth 2.0, OpenID Connect, SAML, Kerberos, LDAP, certificates, and PKI technologies.
- Experience supporting Azure, AWS, Google Cloud, or multi-cloud environments.
- Ability to analyze logs, troubleshoot authentication failures, and resolve complex identity-related issues.
- Experience working within enterprise change management, incident management, and operational support processes.
- Strong verbal and written communication skills with the ability to collaborate across technical teams.
Qualifications
- Hands-on experience with CyberArk, HashiCorp Vault, Delinea, BeyondTrust, SailPoint, Microsoft Entra Workload Identities, or similar platforms.
- Experience managing certificate lifecycles and public/private key infrastructure.
- Familiarity with Infrastructure as Code technologies such as Terraform, Bicep, ARM, or CloudFormation.
- Experience with SIEM platforms and identity security monitoring.
- CISSP, CISM, Security+, Microsoft Identity and Access Administrator, CyberArk Defender/Sentry, or related certifications.
Skills
- Strong scripting and automation skills using PowerShell, Python, Bash, or similar technologies.
- Experience working with OAuth 2.0, OpenID Connect, SAML, Kerberos, LDAP, certificates, and PKI technologies.
- Experience supporting Azure, AWS, Google Cloud, or multi-cloud environments.
- Ability to analyze logs, troubleshoot authentication failures, and resolve complex identity-related issues.
- Experience working within enterprise change management, incident management, and operational support processes.
Benefits
- Medical and prescription drug, dental, vision, voluntary benefits (such as accident, hospital indemnity, and critical illness).
- Short- and long-term disability, basic life, and basic AD&D coverage.
- 401(k) retirement plan, and tax-advantaged accounts: health savings account, and flexible spending account.
- 10 paid holidays and 15 days of vacation for new associates beginning on January 1 of each year, as well as sick time, personal days, and a paid day for volunteerism.
- Eligibility for bonuses and profit sharing.
- Employee Assistance Program.
Pay
Compensation provided for using, not obtaining, the rating.
Schedule
At Edward Jones, we are building a place where everyone feels like they belong. We're proud of our associates' contributions to the firm and the recognitions we have received. Check out our U.S. awards and accolades: Insights & Information Blog Postings about Edward Jones Check out our Canadian awards and accolades: Insights & Information Blog Postings about Edward Jones