Senior DevSecOps Engineer – IAM Engineer

This is a fully remote position, open to applicants in Mexico.

📋 Description

• Collaborate with our team and others to actively design and develop identity automation for a global enterprise with a varied landscape of Identity Providers (IDPs).

• Implement and comprehend cloud solutions (AWS) utilizing Infrastructure as Code tools (Terraform or Crossplane) for Security Tools (SailPoint Identity Cloud or other Identity Governance and Administration tools, CyberArk, Delinea, Clutch, HashiCorp Vault, Secrets Management, etc.).

• Guide engineers in onboarding security tools such as Identity Governance Administration (IGA), Identity Threat Detection and Response (ITDR), Privileged Access Management (PAM), Secrets Management, etc., into the Security DevSecOps lifecycle across multiple technology stacks.

• Based on a set of requirements, draft solution designs and initiate collaboration with stakeholders to refine these designs to align with their expectations.

• Assist in the implementation of identity governance and administration (IGA) solutions for the organization.

• Develop automated tools to test identity systems to ensure detection mechanisms function as intended.

• Create automation for policy and posture collection and reporting, enabling identity-specific proofs managed within Infrastructure as Code.

• Design and manage pipelines for deploying and managing IAM solutions and tools.

• Provide engineering and technical support for automating interactions with security tools and services that underpin the IAM program within the organization.

• Stay updated on emerging security technologies and tools, offering recommendations as needed.

• Support compliance and certification initiatives, ensuring design considerations align with these objectives.

• Collaborate with other engineers on design, analysis, architecture, implementation, security reviews, and process enhancements.

⛳️ Requirements

• Familiarity with Application and DevSecOps processes, particularly with CI/CD pipelines from the early stages of the software lifecycle.

• Proficiency in implementing and understanding cloud solutions (AWS) using Infrastructure as Code tools (Terraform or Crossplane) for Security Tools (DAST, SAST, SCA, IaC, IAST, Supply Chain Security, Secrets Management, etc.).

• Experience in building CI/CD pipelines using Jenkins MPL and GitHub Actions, ArgoCD for Security Artifacts.

• Knowledge of IAM Security Tools (IGA, ITDR, PAM, Secrets Management, etc.) is considered an asset.

• Expertise in Speed Architecture utilizing Docker and Kubernetes, alongside cloud hosting providers like AWS.

• Act as a liaison for developer teams to integrate software service tools (Jenkins, jFrog Artifactory, GitHub Actions) into automation for on-premises, SaaS, and Cloud Security Tools.

• Guide engineers in onboarding security tools such as DAST, SAST, SCA, IaC, IAST, Supply Chain Security, and Secrets Management, focusing on vulnerability and open-source scanning within the Security DevSecOps lifecycle across various technology stacks.

• Proficient in at least one high-level programming language (e.g., Python).

• Practical experience with privileged access management tools (CyberArk, SailPoint, Okta, Delinea, Clutch).

• Background in secrets management (e.g., HCP Vault) with experience in CyberArk PAM.

• Intermediate skills in AWS Identity (IAM, IDC).

• Practical experience in a security role, ideally within the financial services or technology sectors.

• Hands-on experience with AWS, Azure, or other cloud platforms, along with IAM best practices.

• Understanding of compliance frameworks (PCI-DSS, ISO 27001, NIST).

🏝️ Benefits

• A culture of inclusivity that strongly reflects our core values: Act Like an Owner, Delight Our Customers, and Earn the Respect of Others.

• Opportunities to make a significant impact and grow professionally by leveraging your unique strengths and engaging in valuable learning experiences.

• Competitive compensation, benefits, and rewards programs designed to encourage you to bring your best every day and be acknowledged for your contributions.

• A dynamic, people-first work environment that promotes work/life balance, offers employee resource groups, and hosts social events to foster interaction and camaraderie.