Sr Security Engineer - IAM
SECU · Raleigh-Durham-Chapel Hill Area · 3 wk ago
Information TechnologyFull-time
Position Overview
The Sr. Security Engineer – IAM is a mid to senior-level role responsible for driving the design, development, and advancement of SECU’s IAM program. This individual will serve as a subject matter expert (SME) and technical lead, providing support as well as participating in the strategic direction, implementation, and continuous improvement of IAM solutions.
Responsibilities
- (30%) Assist with implementation and maintenance of technical security solutions including planning, deployment coordination, change management, documentation, and training to enhance SECU’s security posture.
- (20%) Configure and tune security tools, integrate them with enterprise controls, and evaluate vendor offerings and new tools to improve security responsiveness.
- (20%) Identify and recommend opportunities for documentation enhancements, cost savings, service quality improvements, and operational efficiency.
- (10%) Support governance and compliance efforts by participating in assessments and remediation activities to ensure adherence to security standards and regulations.
- (10%) Participate in on-call rotation and serve as a resource for technical support of information security technologies and mentor junior engineers.
- (10%) Pursue and maintain skills and certifications to stay current with advancing cybersecurity trends and best practices.
Required Education & Experience
- Candidate must live in North Carolina or contiguous state.
- Bachelor's Degree in Computer Science, Information Technology, Cyber Security, or related field.
- Minimum 5 years of experience in related field.
- Primary IAM Solution Experience: Experience with SailPoint IDN is most preferred along with experience in Okta, and Cloud Identity solutions like Entra and AWS are preferred.
- General IAM Solutions: Proficient in implementing or supporting two or more IAM solutions such as PAM, SSO, Directory Services, IGA, CIAM, and MFA.
- Knowledge of cloud directories such as Entra ID, AWS Directory Service, and Google Cloud Identity.
- Knowledge of hybrid IAM environments and cloud-to-cloud identity integration.
- Understanding of APIs how they are used to integrate IAM systems with other applications.
- Understanding of authentication and authorization protocols such as OAuth2.0, OIDC (OpenID Connect), SAML (Security Assertion Markup Language), LDAP (Lightweight Directory Access Protocol), Kerberos, and XACML (eXtensible Access Control Markup Language).
- Experience with audit and compliance reporting.
- Experience in provisioning and de-provisioning user accounts, including Joiner-Mover-Leaver (JML) processes.
- Experience with automation of user lifecycle management using tools such as PowerShell, Python, or IAM orchestration tools.
- Experience in implementation or support of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC).
- Understanding of IAM’s role in broader security frameworks and risk management.
- Understanding of threat modeling and risk assessment related to identity and access.
- Experience in incident response and forensics.
- Understanding of forensic analysis related to identity breaches.
- Automation and Scripting: Ability to leverage and understand scripting languages such as Python, PowerShell, or Bash for automating tasks.
- Collaboration and Leadership: Experience in participating in cross-functional teams in IAM initiatives.
- Problem-Solving and Analytical Skills: Strong problem-solving skills for troubleshooting and resolving IAM issues.
- Analytical skills for identifying patterns and improving IAM processes.
Preferred Education & Experience
- Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related field.
- Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, OSCE, or other relevant industry certification and/or desire to obtain such certifications.
- Experience working within a DevOps environment.
- Experience in managing IAM projects from inception to delivery.
- Understanding of FFIEC audit guidelines for banking regulators.