Senior Security & IAM Engineer

This is a remote position.

We are seeking an experienced Senior Security & Identity and Access Management (IAM) Engineer with 5+ years of experience to lead IAM governance, access control strategy, and compliance initiatives across the environment. This role requires deep expertise in least-privilege models, secrets management, encryption controls, patch compliance validation, and audit readiness, while championing Zero Trust security principles.

Key Responsibilities

IAM Governance & Access Management

· Lead and maintain IAM governance frameworks aligned with security best practices and regulatory requirements.

· Enforce least-privilege and role-based access models across users, services, and privileged accounts.

· Oversee and lead quarterly access reviews , ensuring timely certification and remediation of access exceptions.

· Provide guidance on access lifecycle management, including JML processes.

Secrets Management & Credential Security

· Design, implement, and maintain secrets management solutions such as AWS Secrets Manager or equivalent platforms.

· Ensure secure storage, access controls, rotation policies, and lifecycle management for secrets, API keys, and credentials.

· Advise engineering teams on secure secret handling and integration patterns.

Patch Compliance & Security Validation

· Validate and monitor patch compliance across platforms to ensure adherence to defined SLAs and risk thresholds.

· Analyze patching gaps, drive remediation efforts, and manage exception processes where necessary.

· Provide compliance and risk visibility to stakeholders through reports and dashboards.

Encryption & Data Protection Controls

· Define and enforce encryption standards for data at rest and in transit across cloud and enterprise systems.

· Validate implementation of encryption controls and secure communication protocols.

· Support key management practices and integration with identity and access controls.

Zero Trust Enablement

· Champion Zero Trust security principles , with a focus on identity-centric access, continuous verification, and network controls.

· Promote Zero Trust awareness and best practices across engineering and IT teams.

· Support design and implementation of identity-driven security architectures.

Compliance, Audit & Evidence Management

· Lead creation and maintenance of compliance evidence artifacts for internal reviews and external audits.

· Support audit activities by providing documentation related to IAM controls, encryption posture, patch compliance, and secrets management.

· Partner with GRC and audit teams to address findings and implement corrective actions.

Required Skills & Qualifications

· 5+ years of experience in Security Engineering, IAM, or Identity Governance roles.

· Deep expertise in IAM concepts including RBAC, ABAC, least-privilege, and privileged access management.

· Strong hands-on experience with secrets management solutions (AWS Secrets Manager or equivalent).

· Proven experience validating patch compliance and security SLAs.

· Strong understanding of encryption standards and secure communication protocols.

· Excellent documentation, communication, and stakeholder management skills.

· Hands-on experience with cloud platforms such as AWS, Azure, or GCP .

· Familiarity with Zero Trust architectures and frameworks.

· Exposure to compliance frameworks such as ISO 27001, SOC 2, PCI-DSS, or NIST .

· Experience operating in large-scale or regulated enterprise environments.