Urgent requirements for :: Security Engineer (IAM) :: Frisco, TX (onsite)

Security Engineer – Identity & Access Management

 Frisco, Texas

Responsible for analysis, design and implementation coordination for tool and service designs within the cloud identity domain.

Required skills:

· Deep understanding of cloud computing principles, including virtualization, containerization, microservices, and serverless computing; Risk Management, RHCP security, container security, Kubernetes security, IAM security, network security, auditing, encryption, secrets management and data protection, securing CI/CD 

· IAM Policy ‘as code’ ; OPA – Open Policy Agent (Styra Enterprise version of OPA); Cedar – Aws open source policy agent

· Experience implementing Zero trust architectures

· Excellent problem-solving, analytical, and communication skills.

· Ability to work independently and collaboratively in a fast-paced, agile environment.

· Create Identity & Access as code leveraging tools such as ansible, terraform to provision in cloud

· Analyze environments to identify both technical and operational challenges while making recommendations and developing solutions for improvement

· Lead complex or high severity troubleshooting and incident/problem resolutions with other security or cloud teams

· Maintain knowledge of current developments in identity and cybersecurity, pertaining to threats to IT environments

· Bachelor’s degree in IT, Cybersecurity or related field or equivalent experience

· 5+ years of experience in Information security with 4+ years of experience in Identity and Access Management

· 3+ years of experience of cloud IAM and security experience.

· Strong knowledge of hybrid cloud, AWS, GCP, Azure and EntraID/Azure AD, OpenShift, Openstack Keystone

· Hands on experience with HashiCorp Vault, Cyberark or similar (PAM, secrets, certificate management platform)

· Advances knowledge of Identity Security concepts, least-privilege, separation of duties, and Zero trust design principals

· Experience implementing Kubernetes RBAC access controls

· Understanding of federation technologies (WS-Fed, OAuth, OpenID connect, SAML …) and of encryption technologies (encryption types and protocols/standards)

· RBAC based access for cluster namespaces

· Vulnerability and threat management

· Professional certifications CIMP, CIAM, CISSP