SECU
Join to apply for the
Sr Security Engineer - IAM
role at
SECU .
Position Overview The Sr. Security Engineer – IAM is a mid to senior-level role responsible for driving the design, development, and advancement of SECU’s IAM program. This individual will serve as a subject matter expert (SME) and technical lead, providing support as well as participating in the strategic direction, implementation, and continuous improvement of IAM solutions, including Privileged Access Management (PAM), Single Sign-On (SSO), Identity Governance and Administration (IGA), Multi-Factor Authentication (MFA), Active Directory (AD), Customer Identity and Access Management (CIAM), and other IAM technologies. This role will be instrumental in designing and optimizing IAM frameworks, automating identity processes, and ensuring compliance with security policies and regulatory requirements. The engineer will collaborate with cybersecurity, IT, and business stakeholders to enhance security posture, mitigate identity-related risks, and drive IAM adoption. Additionally, they will mentor junior engineers, lead complex IAM projects, and provide technical guidance to strengthen the overall cybersecurity strategy.
Responsibilities
(30%) Assist with implementation and maintenance of technical security solutions including planning, deployment coordination, change management, documentation, and training to enhance SECU’s security posture.
(20%) Configure and tune security tools, integrate them with enterprise controls, and evaluate vendor offerings and new tools to improve security responsiveness.
(20%) Identify and recommend opportunities for documentation enhancements, cost savings, service quality improvements, and operational efficiency.
(10%) Support governance and compliance efforts by participating in assessments and remediation activities to ensure adherence to security standards and regulations.
(10%) Participate in on‑call rotation and serve as a resource for technical support of information security technologies and mentor junior engineers.
(10%) Pursue and maintain skills and certifications to stay current with advancing cybersecurity trends and best practices.
Participate in special assignments and cross‑functional initiatives as required.
Required Education & Experience (Knowledge, Skills, & Abilities)
Candidate must live in North Carolina or a contiguous state.
Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field.
Minimum 5 years of experience in a related field.
Primary IAM Solution Experience
Experience with Okta, SailPoint, and Cloud Identity solutions such as Entra and AWS.
General IAM Solutions
Proficient in implementing or supporting two or more IAM solutions such as PAM, SSO, Directory Services, IGA, CIAM, and MFA.
Experience in implementing integrations between multiple IAM solutions. Knowledge of cloud directories such as Entra ID, AWS Directory Service, and Google Cloud Identity.
Knowledge of hybrid IAM environments and cloud‑to‑cloud identity integration.
Understanding of APIs used to integrate IAM systems with other applications.
Authentication and Authorization Protocols
Understanding of authentication and authorization protocols such as OAuth 2.0, OIDC (OpenID Connect), SAML, LDAP, Kerberos, and XACML.
IAM Governance and Compliance
Familiarity with IAM governance frameworks and standards such as NIST, ISO 27001, SOX, and GDPR.
Experience with audit and compliance reporting.
User Lifecycle Management
Experience in provisioning and de‑provisioning user accounts, including Joiner‑Mover‑Leaver (JML) processes.
Experience with automation of user lifecycle management using tools such as PowerShell, Python, or IAM orchestration tools.
Experience in implementation or support of RBAC and ABAC.
Security and Risk Management
Understanding of IAM’s role in broader security frameworks and risk management.
Understanding of threat modeling and risk assessment related to identity and access.
Incident Response and Forensics
Ability to support IAM‑related incident response efforts, including identifying and mitigating identity‑based security incidents.
Understanding of forensic analysis related to identity breaches.
Automation and Scripting
Ability to leverage and understand scripting languages such as Python, PowerShell, or Bash for automating tasks.
Collaboration and Leadership
Experience in participating in cross‑functional teams in IAM initiatives.
Ability to collaborate with security, IT operations, developers, and business stakeholders to align IAM solutions with organizational goals.
Problem‑Solving and Analytical Skills
Strong problem‑solving skills for troubleshooting and resolving IAM issues.
Analytical skills for identifying patterns and improving IAM processes.
Preferred Education & Experience
Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field.
Preferred 5+ direct years of experience.
Professional certifications such as CISSP, CISA, CISM, GIAC, CGEIT, CRISC, OSCE, or other relevant industry certification.
Experience working within a DevOps environment.
Experience managing IAM projects from inception to delivery.
Understanding of FFIEC audit guidelines for banking regulators.
Work Environment & Physical Requirements
Computer for prolonged periods.
SECU provides equal employment opportunity to all qualified persons regardless of race, color, religion, age, sex, sexual orientation, gender identity, national origin, genetic information, disability, veteran status, or other classification protected by law.
State Employees’ Credit Union reserves the right to fill this role at a higher/lower level based on business need.
#J-18808-Ljbffr
Sr Security Engineer - IAM
role at
SECU .
Position Overview The Sr. Security Engineer – IAM is a mid to senior-level role responsible for driving the design, development, and advancement of SECU’s IAM program. This individual will serve as a subject matter expert (SME) and technical lead, providing support as well as participating in the strategic direction, implementation, and continuous improvement of IAM solutions, including Privileged Access Management (PAM), Single Sign-On (SSO), Identity Governance and Administration (IGA), Multi-Factor Authentication (MFA), Active Directory (AD), Customer Identity and Access Management (CIAM), and other IAM technologies. This role will be instrumental in designing and optimizing IAM frameworks, automating identity processes, and ensuring compliance with security policies and regulatory requirements. The engineer will collaborate with cybersecurity, IT, and business stakeholders to enhance security posture, mitigate identity-related risks, and drive IAM adoption. Additionally, they will mentor junior engineers, lead complex IAM projects, and provide technical guidance to strengthen the overall cybersecurity strategy.
Responsibilities
(30%) Assist with implementation and maintenance of technical security solutions including planning, deployment coordination, change management, documentation, and training to enhance SECU’s security posture.
(20%) Configure and tune security tools, integrate them with enterprise controls, and evaluate vendor offerings and new tools to improve security responsiveness.
(20%) Identify and recommend opportunities for documentation enhancements, cost savings, service quality improvements, and operational efficiency.
(10%) Support governance and compliance efforts by participating in assessments and remediation activities to ensure adherence to security standards and regulations.
(10%) Participate in on‑call rotation and serve as a resource for technical support of information security technologies and mentor junior engineers.
(10%) Pursue and maintain skills and certifications to stay current with advancing cybersecurity trends and best practices.
Participate in special assignments and cross‑functional initiatives as required.
Required Education & Experience (Knowledge, Skills, & Abilities)
Candidate must live in North Carolina or a contiguous state.
Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field.
Minimum 5 years of experience in a related field.
Primary IAM Solution Experience
Experience with Okta, SailPoint, and Cloud Identity solutions such as Entra and AWS.
General IAM Solutions
Proficient in implementing or supporting two or more IAM solutions such as PAM, SSO, Directory Services, IGA, CIAM, and MFA.
Experience in implementing integrations between multiple IAM solutions. Knowledge of cloud directories such as Entra ID, AWS Directory Service, and Google Cloud Identity.
Knowledge of hybrid IAM environments and cloud‑to‑cloud identity integration.
Understanding of APIs used to integrate IAM systems with other applications.
Authentication and Authorization Protocols
Understanding of authentication and authorization protocols such as OAuth 2.0, OIDC (OpenID Connect), SAML, LDAP, Kerberos, and XACML.
IAM Governance and Compliance
Familiarity with IAM governance frameworks and standards such as NIST, ISO 27001, SOX, and GDPR.
Experience with audit and compliance reporting.
User Lifecycle Management
Experience in provisioning and de‑provisioning user accounts, including Joiner‑Mover‑Leaver (JML) processes.
Experience with automation of user lifecycle management using tools such as PowerShell, Python, or IAM orchestration tools.
Experience in implementation or support of RBAC and ABAC.
Security and Risk Management
Understanding of IAM’s role in broader security frameworks and risk management.
Understanding of threat modeling and risk assessment related to identity and access.
Incident Response and Forensics
Ability to support IAM‑related incident response efforts, including identifying and mitigating identity‑based security incidents.
Understanding of forensic analysis related to identity breaches.
Automation and Scripting
Ability to leverage and understand scripting languages such as Python, PowerShell, or Bash for automating tasks.
Collaboration and Leadership
Experience in participating in cross‑functional teams in IAM initiatives.
Ability to collaborate with security, IT operations, developers, and business stakeholders to align IAM solutions with organizational goals.
Problem‑Solving and Analytical Skills
Strong problem‑solving skills for troubleshooting and resolving IAM issues.
Analytical skills for identifying patterns and improving IAM processes.
Preferred Education & Experience
Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field.
Preferred 5+ direct years of experience.
Professional certifications such as CISSP, CISA, CISM, GIAC, CGEIT, CRISC, OSCE, or other relevant industry certification.
Experience working within a DevOps environment.
Experience managing IAM projects from inception to delivery.
Understanding of FFIEC audit guidelines for banking regulators.
Work Environment & Physical Requirements
Computer for prolonged periods.
SECU provides equal employment opportunity to all qualified persons regardless of race, color, religion, age, sex, sexual orientation, gender identity, national origin, genetic information, disability, veteran status, or other classification protected by law.
State Employees’ Credit Union reserves the right to fill this role at a higher/lower level based on business need.
#J-18808-Ljbffr