Jobs · Arizona

Senior Security Engineer - Non-Human Identity

Edward Jones · Tempe, AZ · Today
HybridFull-time
This job posting is anticipated to remain open for 30 days, from 14-Jul-2026. The posting may close early due to the volume of applicants. Join a financial services firm where your contributions are valued. Edward Jones is a Fortune 500¹ company where people come first. With over 9 million clients and 20,000 financial advisors across the U.S. and Canada, we’re proud to be privately-owned, placing the focus on our clients rather than shareholder returns. Behind everything we do is our purpose: We partner for positive impact to improve the lives of our clients and colleagues, and together, better our communities and society. We are an innovative, flexible, and inclusive organization that attracts, develops, and inspires performance excellence and a sense of belonging. People are at the center of our partnership. Edward Jones associates are seen, heard, respected, and supported. This is what we believe makes us the best place to start or build your career. View our Purpose, Inclusion and Citizenship Report. ¹Fortune 500, published June 2024, data as of December 2023. Compensation provided for using, not obtaining, the rating. Team Overview We are seeking a highly technical, hands-on Senior Non-Human Identity Engineer to lead the engineering, automation, onboarding, remediation, and operational management of non-human identities across the enterprise. This role is focused on the implementation and day-to-day engineering of machine identities, service accounts, workload identities, API credentials, certificates, secrets, and privileged application accounts supporting cloud, on-premises, and hybrid environments. This is not an architecture-only or governance-only position. The successful candidate will be expected to personally build solutions, write automation, troubleshoot authentication issues, onboard applications, integrate platforms, and drive remediation efforts. The engineer will work closely with application teams, DevOps, cloud engineering, cybersecurity, and infrastructure teams to ensure non-human identities are properly secured, monitored, and managed throughout their lifecycle. The ideal candidate combines deep IAM expertise with strong scripting, automation, cloud, and troubleshooting skills, and is comfortable operating in a fast-paced enterprise environment where hands-on execution is critical. What You'll Do Engineer, implement, and support enterprise non-human identity solutions across cloud, on-premises, and hybrid environments.Develop and maintain automated provisioning, credential rotation, secret management, certificate lifecycle management, and deprovisioning processes.Perform onboarding and migration of service accounts, managed identities, workload identities, application accounts, and machine credentials into enterprise identity management platforms.Configure, deploy, and support privileged access controls for non-human identities using PAM and secrets management technologies.Work directly with development, application, and infrastructure teams to eliminate hardcoded credentials and replace legacy authentication methods with modern identity solutions.Design, build, and maintain automation using PowerShell, Python, REST APIs, Terraform, and other scripting or orchestration technologies.Integrate identity controls into CI/CD pipelines and DevSecOps workflows.Troubleshoot and resolve authentication, authorization, federation, certificate, token, and credential-related issues across enterprise applications.Support large-scale remediation initiatives involving dormant service accounts, excessive permissions, unmanaged secrets, and identity-related security vulnerabilities.Configure and administer identity platforms, including directory services, cloud identity providers, PAM solutions, certificate authorities, and secrets vaults.Monitor non-human identity activity and investigate suspicious authentication events, credential misuse, or policy violations.Conduct access reviews and entitlement analysis to ensure least-privilege principles are maintained.Create operational runbooks, implementation guides, engineering standards, and technical documentation.Partner with Security Operations and Incident Response teams during investigations involving machine identities and application credentials.Participate in after-hours support activities, major incident response, and maintenance activities when required. What Experience You'll Need Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Engineering, or equivalent experience.7+ years of hands-on experience in Identity and Access Management, Cybersecurity Engineering, Infrastructure Engineering, or Cloud Security.5+ years of direct experience managing non-human identities, service accounts, application identities, workload identities, or machine authentication technologies.Strong hands-on experience administering Microsoft Entra ID, Active Directory, or similar identity platforms.Experience implementing and supporting secrets management, credential vaulting, and privileged access solutions.Strong scripting and automation skills using PowerShell, Python, Bash, or similar technologies.Experience working with OAuth 2.0, OpenID Connect, SAML, Kerberos, LDAP, certificates, and PKI technologies.Experience supporting Azure, AWS, Google Cloud, or multi-cloud environments.Ability to analyze logs, troubleshoot authentication failures, and resolve complex identity-related issues.Experience working within enterprise change management, incident management, and operational support processes.Strong verbal and written communication skills with the ability to collaborate across technical teams. What Could Set You Apart Hands-on experience with CyberArk, HashiCorp Vault, Delinea, BeyondTrust, SailPoint, Microsoft Entra Workload Identities, or similar platforms.Experience managing certificate lifecycles and public/private key infrastructure.Experience securing Kubernetes, containers, microservices, and cloud-native applications.Familiarity with Infrastructure as Code technologies such as Terraform, Bicep, ARM, or CloudFormation.Experience with SIEM platforms and identity security monitoring.CISSP, CISM, Security+, Microsoft Identity and Access Administrator, CyberArk Defender/Sentry, or related certifications.Candidates that live within a commutable distance from our Tempe, AZ and St. Louis, MO home office locations are expected to work in the office four days per week effective June 1, 2026. Before June 1, 2026, candidates that live within a commutable distance from our Tempe, AZ and St. Louis, MO home office locations are expected to work in the office three days per week, with preference for Tuesday through Thursday.** a { text-decoration: none; color: #464feb; } tr th, tr td { border: 1px solid #e6e6e6; } tr th { background-color: #f5f5f5; } At Edward Jones, we are building a place where everyone feels like they belong. We're proud of our associates' contributions to the firm and the recognitions we have received. Check out our U.S. awards and accolades: Insights & Information Blog Postings about Edward Jones Check out our Canadian awards and accolades: Insights & Information Blog Postings about Edward Jones Edward Jones does not discriminate on the basis of race, color, gender, religion, national origin, age, disability, sexual orientation, pregnancy, veteran status, genetic information or any other basis prohibited by applicable law. Edward Jones' compensation and benefits package includes medical and prescription drug, dental, vision, voluntary benefits (such as accident, hospital indemnity, and critical illness), short- and long-term disability, basic life, and basic AD&D coverage. Short- and long-term disability, basic life, and basic AD&D coverage are provided at no cost to associates. Edward Jones offers a 401k retirement plan, and tax-advantaged accounts: health savings account, and flexible spending account. Edward Jones observes ten paid holidays and provides 15 days of vacation for new associates beginning on January 1 of each year, as well as sick time, personal days, and a paid day for volunteerism. Associates may be eligible for bonuses and profit sharing. All associates are eligible for the firm's Employee Assistance Program. For more information on the Benefits available to Edward Jones associates, please visit our benefits page.

Similar jobs