Security Engineer – Identity & Privileged Access Management (IAM & PAM) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Exegy · 3 days ago

Security Engineer – Identity & Privileged Access Management (IAM & PAM)

positionSt Louis, MO
timeFull-time
remoteOnsite
senioritySenior Level
date5+ years exp

Exegy is a global leader in intelligent market data and advanced trading systems. The Security Engineer – IAM & PAM is responsible for designing, implementing, and operating identity, authentication, authorization, and privileged access controls across the enterprise.

Information TechnologyService IndustrySoftware
check
H1B Sponsor Likelynote

Responsibilities

Design, implement, and maintain IAM and PAM platforms supporting workforce, privileged, and service identities
Enforce least-privilege access models, role-based access control (RBAC), and attribute-based access control (ABAC) where appropriate
Implement strong authentication controls, including MFA, conditional access, and phishing-resistant authentication
Manage privileged identities for administrative, infrastructure, cloud, and application accounts
Eliminate shared, standing, and unmanaged privileged accounts through vaulting, just-in-time (JIT) access, and session recording
Ensure privileged access is time-bound, approved, logged, and auditable
Lead initiatives to identify and remediate over-provisioned access, orphaned accounts, and excessive entitlements
Design and operate access review and certification processes in collaboration with GRC and business owners
Integrate IAM with HR systems and ITSM to automate joiner, mover, and leaver workflows
Partner with Risk and GRC teams to align IAM/PAM controls to ISO 27001, NIST, CIS Controls, and regulatory requirements
Perform periodic access risk assessments and provide remediation recommendations
Develop metrics that demonstrate risk reduction, such as decreased standing privileged access, faster de-provisioning, and reduced audit findings
Support security incident investigations related to identity misuse, credential compromise, or privilege escalation
Ensure IAM and PAM logs integrate with SIEM and monitoring platforms for visibility and alerting

Qualification

IAM platformsPAM platformsRBAC modelsAuthentication protocolsIdentity governanceSecurity frameworksOrganizationCollaborationCommunication

Required

5+ years of experience in information security or identity engineering, with deep focus on IAM and/or PAM programs
Hands-on experience designing, implementing, and operating enterprise IAM and PAM platforms (e.g., Azure AD / Entra ID, Okta, Ping, CyberArk, BeyondTrust, Delinea, HashiCorp Vault, or comparable solutions)
Proven experience building and maintaining RBAC models, automating joiner-mover-leaver workflows, and leading entitlement cleanup initiatives
Strong working knowledge of modern authentication and authorization protocols (SAML, OAuth, OIDC, LDAP, Kerberos)
Experience integrating identity systems across cloud platforms, SaaS applications, on-prem infrastructure, and CI/CD pipelines
Demonstrated experience reducing access-related audit findings and closing identity control gaps
Working knowledge of common security and compliance frameworks (e.g., ISO 27001 Annex A, NIST SP 800-53, CIS Controls), with emphasis on access control and identity safeguards
Ability to translate security and compliance requirements into practical, scalable identity controls that support business operations
Effective partner to IT, Security, HR, and business teams to align identity controls with real-world workflows
Comfortable communicating access risk, least-privilege principles, and control decisions to both technical and non-technical stakeholders
Organized and process-oriented, with the judgment to balance security rigor, operational efficiency, and user experience

Preferred

Exposure to regulated environments such as SOX, PCI-DSS, HIPAA, or similar compliance frameworks
Experience working with identity governance (IGA) platforms, access reviews, or access analytics
Relevant security or identity certifications (e.g., CISSP, CISM, GIAC, or IAM/PAM vendor certifications) are beneficial but not required

Company

Exegy

twittertwittertwitter
company-logo
Exegy provides ultra-high performance, hardware-accelerated computing appliances that process market data for financial organizations.
dateFounded in 2003
location
St Louis, Missouri, USA
people-size201-500 employees
web-link
http://www.exegy.com

H1B Sponsorship

Exegy has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (1)
2024 (3)
2023 (2)
2022 (1)
2021 (2)
2020 (1)

Funding

Current Stage
Growth Stage
Total Funding
$16.79M
Key Investors
Marlin Equity PartnersSkandalaris Center for Interdisciplinary Innovation and Entrepreneurship
2021-05-20Private Equity
2013-02-11Debt Financing· $1.5M
2011-06-01Grant

Leadership Team

leader-logo
David Taylor
Chief Executive Officer
linkedin
leader-logo
Jim O'Donnell
CEO
linkedin

Recent News

Crowdfund Insider
Exegy Nexus Designed For Low-Latency Market Making
2025-11-24
Crowdfund Insider
Exegy Research Quantifies Tech Costs, Compares In-House, Vendor Solutions
2025-09-29
PR.com
A-Team Group Names Winners of Its Innovation Awards 2025
2025-05-01
Company data provided by crunchbase