Jobs · Engineering

Senior Security Engineer - IAM

Cotiviti · United States · 4 mo ago
RemoteRemoteEngineering$120k–$150k/yrFull-time

Responsibilities

  • Administer day-to-day Delinea operations—tenant configuration, discovery, onboarding, policy management, upgrades/patching, backups, and health monitoring—to ensure availability and performance.
  • Integrate Delinea with enterprise identity, endpoint, and security tooling (e.g., AD/Azure AD, SSO/MFA, SIEM, ITSM) and automate onboarding/rotation/workflows using APIs and scripting.
  • Implement privileged access controls (least privilege, JIT/JEA, session controls, credential rotation) and produce audit-ready evidence aligned to internal standards and frameworks (e.g., SOX, PCI, ISO 27001).
  • Support & Troubleshooting: Lead triage and resolution of PAM issues across agents, connectors, network paths, authentication flows, and platform services, performing root-cause analysis and preventive remediation.
  • Create and maintain operational runbooks, architecture diagrams, and configuration standards while training administrators and stakeholders to ensure consistent, scalable PAM operations.

Qualifications

  • Bachelor’s degree in technology discipline or equivalent professional experience.
  • 5+ years of experience in Privileged Access Management or related security roles.
  • Relevant Security certifications (e.g., CISSP, CISM, CIAM) preferred.
  • Delinea Platform Expertise: Hands-on engineering with Delinea components such as Secret Server (vaulting/rotation/workflows), Privilege Manager (endpoint least-privilege), and related connectors/agents, including upgrades, migrations, and performance tuning.
  • Enterprise Infrastructure & Platforms: Strong administration and integration experience across Windows Server/Workstations, Linux (e.g., RHEL/Ubuntu), Active Directory/GPO, and virtualization platforms to onboard and manage privileged accounts at scale.
  • Security & Authentication Technologies: Deep understanding of authentication/authorization and identity protocols—Kerberos/NTLM, LDAP/LDAPS, SAML/OIDC, RADIUS/TACACS+, PKI/certificates, and MFA—used to secure PAM access paths and admin workflows.
  • Scripting & Automation: Ability to automate PAM lifecycle tasks (discovery, onboarding, credential rotation, reporting) using PowerShell/Python and Delinea REST APIs, including error handling, logging, and idempotent execution.
  • Networking & Infrastructure: Proficient in troubleshooting and designing network connectivity for PAM components (DNS, TLS, firewalls/ports, proxies, load balancers) to support secure agent communications and distributed services.
  • DevOps & Cloud Technologies: Experience integrating PAM into CI/CD and cloud operations using tools like Git, pipelines, IaC (Terraform/ARM/CloudFormation), and cloud IAM services (Azure/AWS/GCP) to manage privileged access in modern delivery environments.
  • Strong analytical, problem-solving, and attention-to-detail skills; works independently with minimal supervision.
  • Excellent communication and collaboration skills with IT, security teams, and business units.

Similar jobs

Security Engineer, IAM

SentrySan Francisco, CA· 2 days ago
Information Technology$155k–$240k/yrapply on jobs.ashbyhq.com

Senior IAM Engineer

Jack HenryGreater Phoenix Area· 4 days ago
RemoteInformation Technologyapply on jackhenry.avature.net