Apply on Employer Site

SECU · 16 hours ago

Sr. Security Engineer - IAM

Raleigh, NC

Full-time

Onsite

Senior Level

5+ years exp

SECU is a credit union that believes in the philosophy of 'People Helping People'. They are seeking a Sr. Security Engineer - IAM who will be responsible for driving the design, development, and advancement of the IAM program, serving as a subject matter expert and technical lead, and collaborating with various stakeholders to enhance security posture and mitigate identity-related risks.

AccountingBankingFinancial Services

Responsibilities

(30%) Assist with implementation and maintenance of technical security solutions including planning, deployment coordination, change management, documentation, and training to enhance SECU’s security posture

(20%) Configure and tune security tools, integrate them with enterprise controls, and evaluate vendor offerings and new tools to improve security responsiveness

(20%) Identify and recommend opportunities for documentation enhancements, cost savings, service quality improvements, and operational efficiency

(10%) Support governance and compliance efforts by participating in assessments and remediation activities to ensure adherence to security standards and regulations

(10%) Participate in on-call rotation and serve as a resource for technical support of information security technologies and mentor junior engineers

(10%) Pursue and maintain skills and certifications to stay current with advancing cybersecurity trends and best practices

Qualification

IAM SolutionsSailPoint IdentityNowAuthentication ProtocolsUser Lifecycle ManagementCloud DirectoriesIAM GovernanceSecurity Risk ManagementIncident ResponseAnalytical SkillsCollaborationProblem-Solving

Required

Candidate MUST live in North Carolina or contiguous state

Bachelors degree in Computer Science, Information Technology, Cyber Security, or related field

Additional 3 years of relevant experience can be considered in lieu of degree

Minimum 5 year of experience in related field

Primary IAM Solution Experience

Proficient with SailPoint IdentityNow (IDN) architecture, administration, and configurations

Knowledge of Identity Profiles and Source configurations

Hands-on experience with Access Profiles, Roles, Policies, and Certifications

Experience configuring SaaS-based Identity Governance (IG) solutions

Expertise in Joiner-Mover-Leaver (JML) workflows

Experience implementing access request, approval workflows, and certification campaigns

Experience with Segregation of Duties (SoD) and compliance enforcement

Demonstrated experience with most common IGA and SailPoint connectors including Active Directory (AD), EntraID, JDBC, exchange, mainframe, web service, and authoritative sources integration (such as Workday)

General IAM Solutions

Proficient in implementing or supporting two or more IAM solutions such as PAM, SSO, Directory Services, IGA, CIAM, and MFA

Experience in implementing integrations between multiple IAM solutions

Knowledge of cloud directories such as Entra ID, AWS Directory Service, and Google Cloud Identity

Knowledge of hybrid IAM environments and cloud-to-cloud identity integration

Understanding of APIs how they are used to integrate IAM systems with other applications

Understanding of authentication and authorization protocols such as OAuth2.0, OIDC (OpenID Connect), SAML (Security Assertion Markup Language), LDAP (Lightweight Directory Access Protocol), Kerberos, and XACML (eXtensible Access Control Markup Language)

Familiarity with IAM governance frameworks and standards such as NIST, ISO 27001, SOX, and GDPR

Experience with audit and compliance reporting

Experience in provisioning and de-provisioning user accounts, including Joiner-Mover-Leaver (JML) processes

Experience with automation of user lifecycle management using tools such as PowerShell, Python, or IAM orchestration tools

Experience in implementation or support of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC)

Understanding of IAM's role in broader security frameworks and risk management

Understanding of threat modeling and risk assessment related to identity and access

Ability to support IAM-related incident response efforts, including identifying and mitigating identity-based security incidents

Understanding of forensic analysis related to identity breaches

Ability to leverage and understand scripting languages such as Python, PowerShell, or Bash for automating tasks

Experience in participating in cross-functional teams in IAM initiatives

Ability to collaborate with security, IT operations, developers, and business stakeholders to align IAM solutions with organizational goals

Strong problem-solving skills for troubleshooting and resolving IAM issues

Analytical skills for identifying patterns and improving IAM processes

Preferred

Bachelors degree in Computer Science, Information Technology, Cyber Security, or related field

Preferred 5+ direct years of experience

Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, OSCE, or other relevant industry certification and/or desire to obtain such certifications

Experience working within a DevOps environment

Experience in managing IAM projects from inception to delivery

Understanding of FFIEC audit guidelines for banking regulators

Company

SECU

Glassdoor3.4

Even though we're North Carolina's largest credit union, we're still just "people helping people." We currently serve over 2.6 million members through more than 270 branch offices - and growing! Members have 24/7 access to account services from over 1,100 ATMs, as well as via phone, our website, and the SECU Mobile App.

Founded in 1937

Raleigh, North Carolina, USA

5001-10000 employees