Jobs · Information Technology · Texas

Security Engineer II

Lennar · Irving, TX · 3 wk ago
Information Technology$30k/yrFull-time

Responsibilities

  • Support enterprise IAM solutions that collectively deliver single sign-on (SSO), multifactor authentication (MFA), identity governance and administration, and privileged access management for all types of identities, including on-premises, hybrid, cloud-only, non-human (service accounts), and application-based credentials (API keys, tokens).
  • Engineer and operate IGA capabilities, including joiner-mover-leaver workflows, access request and approval, automated provisioning/de-provisioning, and role-based access control (RBAC/ABAC).
  • Implement and manage PAM platforms for privileged account onboarding, credential vaulting, password rotation, session monitoring/recording, and just-in-time (JIT) elevation.
  • Design and implement identity and access controls for AI agents and non-human identities (service accounts, bots, APIs, workloads), including lifecycle management, secrets management, least-privilege roles, and monitoring of machine-to-machine access in alignment with Zero Trust principles.
  • Monitor identity and privileged access activities, analyze logs and alerts, and support incident response and forensic investigations related to compromised identities or misuse of privilege.
  • Support audit, compliance, and certification efforts by providing evidence, improving control design, and remediating findings related to IAM, IGA, and PAM.
  • Troubleshoot complex IAM/IGA/PAM issues, perform root cause analysis, and drive continuous improvement and modernization of identity platforms.
  • Collaborate with security architecture, infrastructure, application, and DevOps teams to embed identity security and Zero Trust principles in new solutions and strategic programs.
  • Document architectures, standards, runbooks, and knowledge articles, and provide guidance and training to operations and application teams on identity security best practices.
  • Participate in Proof of Concepts and product evaluations of new and emerging Identity security services and technologies.
  • May provide mentorship and support to various junior security engineers and security operations team members.

Requirements

  • Education: Bachelor’s degree required in Computer Science, Cybersecurity, Engineering, or related field.
  • Experience:
    • 4-5 years of hands-on cybersecurity engineering experience with exposure to IAM.
    • 4+ years of relevant work experience in security engineering, with a focus on concepts and technologies in Identity & Access Management (IAM) like SailPoint, Delinea, CyberArk, Entra ID, Ping Identities.
    • 2+ years of relevant work experience with Identity and Access Management solutions, including the implementation and configuration of solutions for Single Sign-On (SSO), Multifactor Authentication (MFA), and various identity integration protocols (SAML, OIDC).
    • Experience building and maintaining SailPoint connectors, aggregation and provisioning jobs, roles/entitlements, and workflows for HR-driven JML processes.
    • Experience administering Microsoft Entra ID, including users, groups, roles, app registrations, and enterprise applications.
    • Working knowledge of solutions for Identity Governance and Administration, Privileged Access Management, and access control models such as RBAC, ABAC, PBAC, and FGAC.
  • Certifications: Any Certified Information Systems Security Professional (CISSP), CompTIA Security+, Certified Identity and Access Manager (CIAM), or similar advanced cloud security certifications preferred.
  • Additional Skills, Knowledge, and Experience:
    • Working knowledge of cloud-based Identity Providers, access controls, and hybrid federated IAM architectures.
    • Experience in designing, configuring, and administering SailPoint Identity Security Cloud for identity lifecycle, access request, certifications, and policy/SoD controls.
    • Strong knowledge and experience with Microsoft Active Directory (AD) Domain Services, management of AD users and security groups, and security best practices for configuring AD infrastructure, policies, group policy objects.
    • Experience with implementing access control mechanisms, such as authentication policies, identity lifecycle management (provisioning, deprovisioning), and methods for authorization management.
    • Strong skills in developing visual design documentation (Visio, Lucid), oral presentation skills, problem solving / critical thinking, and decision-making skills.
    • Strong verbal and written communication skills.
    • Ability to facilitate productive meetings and work comfortably in a team-oriented environment.
  • Personal Attributes:
    • Team Player: Ability to work collaboratively with senior engineers, IT teams, and other stakeholders to achieve shared goals.
    • Communication: Effective written and verbal communication skills, with the ability to explain technical concepts to non-technical audiences. Ability to leverage communication skills to ensure a strong commitment to customer service.
    • Detail-Oriented: Attention to detail and consideration of the non-technical components necessary for successfully executing projects and initiatives.
    • Adaptability: Ability to balance multiple competing priorities in a fast-paced environment.
    • Minimal Supervision: Comfortable with executing workstreams independently with a positive and self-motivated drive. Exercise sound judgement in complex situations.

Benefits

  • Comprehensive health insurance plans including Medical, Dental, and Vision coverage.
  • 401(k) Retirement Plan with a $1 for $1 Company Match up to 5%.
  • Paid Parental Leave and an Associate Assistance Plan.
  • Education Assistance Program and up to $30,000 in Adoption Assistance.
  • Up to three weeks of vacation annually, along with generous Holiday, Sick Leave, and Personal Day policies.
  • New Hire Referral Bonus Program and significant Home Purchase Discounts.

Pay

Commensurate with experience.

Schedule

Full-time.

Similar jobs

Security Engineer II

AssetMarkAtlanta, GA· 3 wk ago
Information Technology$85k–$100k/yrapply on assetmark.wd5.myworkdayjobs.com

Security Engineer II

Ross Stores, Inc.Dublin, CA· 6 days ago
Information Technology$125k–$213k/yrapply on jobs.rossstores.com

Security Engineer II

MWIDMMontgomery, AL· 6 days ago
Information Technologyapply on ajax.googleapis.com

Security Engineer II

Piper CompaniesCarrollton, TX· 3 wk ago
Information Technology$115k–$125k/yrapply on careers.pipercompanies.com

Security Engineer II

Meritrust Credit UnionWichita, KS· 1 mo ago
Information Technologyapply on paycomonline.net