CrawlJobs Logo
Citi Logo Citi · IT - Software Development

Senior IAM Engineer - Platform Security

United States, Jacksonville Employment contract 113840.00 - 170760.00 USD / Year · Job Posted May 04, 2026
Apply Position
Job Link Share

Job Description

Citi Secure is seeking a skilled Senior IAM Engineer to join our team, focusing on the design, implementation, and maintenance of secure and scalable IAM solutions. This role is pivotal in enhancing our market capabilities by collaborating with business teams on critical software projects related to application security. The successful candidate will be integral to all phases of the Software Development Lifecycle, from requirements gathering and architecture to implementation and support, ensuring our IAM services are robust, compliant, and aligned with strategic business objectives.

Job Responsibility

  • Design, implement, and maintain secure, scalable applications and infrastructure with a primary focus on Identity and Access Management (IAM) solutions
  • Manage franchise-critical security application infrastructure, including project delivery, integration, and operational subject matter expertise
  • Collaborate with cross-functional teams to gather requirements and ensure IAM solutions are strategically aligned with business needs
  • Develop robust scripts and/or Java/J2EE code to facilitate system monitoring, enhance process automation, and deliver project requirements
  • Create and diligently maintain comprehensive documentation for all IAM systems, processes, and problem resolutions within Knowledge Base tools
  • Provide expert technical application support for the security infrastructure, proactively troubleshooting and expediently resolving IAM-related issues to ensure minimal disruption
  • Conduct regular, thorough security audits, penetration testing, and SDLC validation to systematically identify and mitigate potential vulnerabilities before production deployment
  • Ensure strict adherence to internal controls and compliance standards defined by Citi
  • Proactively identify and implement automation opportunities for repetitive processes using tools like Ansible
  • Actively contribute to the strategic development, ongoing refinement, and roadmap planning for the firm's IAM initiatives
  • Strategically engage with vendors and internal support teams to maintain an up-to-date technology stack and promptly address End-Of-Vendor-Support (EOVS) issues
  • Serve as an Identity and Access Management Subject Matter Expert (SME) to senior stakeholders and team members, offering guidance, specialized knowledge, and targeted training

Requirements

  • 6+ years' experience in IAM roles as it relates to the experience requirements below
  • 4+ years of hands-on Java/J2EE programming experience
  • 2+ years' experience scripting in Unix/Linux environments
  • Strong proficiency with Java IDEs (Eclipse), API testing tools (SOAP UI, Postman), LDAP clients, source control utilities (e.g., Git), and build/packaging tools (Ansible, Jenkins, Maven)
  • Extensive application security experience, with deep knowledge of SSO, Federation protocols (SAML, OpenID Connect, OAuth2), and Multi-factor Authentication (MFA)
  • Proven experience in architecting, designing, and implementing large-scale IAM solutions
  • Ability to customize, configure, and develop IAM solution integrations and independently manage project deliverables
  • Strong knowledge of application architecture, System Integration Testing (SIT), Functional Testing, and Regression Testing
  • Bachelor's Degree in Computer Science, IT, or a related field, or equivalent work experience

Nice to have

  • Expertise in at least one of the following application servers: IBM WebSphere or IBM WebSphere Liberty is a plus
  • Experience with containerization and orchestration technologies (e.g., Docker, OpenShift, Kubernetes) is a plus
  • Working experience with LDAP and databases is a plus
  • Knowledge of mobile application development is a plus

What we offer

  • medical
  • dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
Citi - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior IAM Engineer - Platform Security

8 matching positions

Senior Platform Security Engineer

As a Senior Platform Security Engineer at Aignostics, you will be a key member o...
Location
Location
Germany , Berlin
Salary
Salary:
Not provided
aignostics.com Logo
Aignostics
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in cloud security or platform security engineering, with a track record of securing complex, cloud-native infrastructure in production environments
  • Deep experience securing GCP and/or AWS environments, with strong knowledge of IAM, PAM, network security, and container platforms
  • Proven experience conceptualizing and implementing centralized identity provider solutions, SSO & SCIM, and authentication frameworks
  • Experience building CVE management programs, implementing automated scanning solutions, and driving remediation processes
  • Strong programming and scripting abilities (Python, Bash, Go) to automate security processes, build security tools, and integrate security into CI/CD pipelines
  • Ability to explain complex security concepts to technical and non-technical audiences, drive technical platform security decisions, and collaborate across teams (fluent in English, German is a plus)
  • Contribute to the discovery, prioritization and mitigation of technical vulnerabilities
  • Understanding of security compliance frameworks (ISO 27001, GDPR, HIPAA) and experience implementing controls to meet regulatory requirements
Job Responsibility
Job Responsibility
  • Secure our cloud foundation in GCP and AWS: Design and implement technical security controls for our GCP and AWS infrastructure, including Kubernetes, storage services, VPCs, Cloud Run, and cloud-native workloads to protect sensitive healthcare data and AI models in alignment with our existing ISO 27001 controls
  • Secure our working environment: Support the integration of platform components and services into our Central Identity Provider (IDP) and the improvement of self-service access, and privileged access management across cloud services
  • Manage vulnerabilities at scale: Strengthen our CVE management processes and automate vulnerability scanning for containers and infrastructure
  • Automate security at scale: Develop security-as-code solutions using Terraform, create CI/CD security gates using policy-as-code, and build automated remediation workflows to embed security into our development lifecycle
  • Enable secure development: Partner with engineering and data science teams to provide technical platform security consultation, create self-service security patterns, and educate developers on security best practices in alignment with Security Awareness Program
What we offer
What we offer
  • Cutting-edge AI research and development, with involvement of Charité, TU Berlin and our other partners
  • Work with a welcoming, diverse and highly international team of colleagues
  • Opportunity to take responsibility and grow your role within the startup
  • Expand your skills by benefitting from our Learning & Development yearly budget of 1,000€ (plus 2 L&D days), language classes and internal development programs
  • Mentoring program, you’ll learn from great experts
  • Flexible working hours and teleworking policy
  • Enjoy your well-deserved time off within our 30 paid vacation days per year
  • We are family & pet friendly and support flexible parental leave options
  • Pick a subsidized membership of your choice among public transport, sports and well-being
  • Enjoy our social gatherings, lunches, and off-site events for a fun and inclusive work environment
Read More
Arrow Right

Senior Security Engineer - IAM

As a Senior Security Engineer, you will be responsible for the design and develo...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
uber.com Logo
Uber
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ Years of experience in development, Design and consulting for developing, designing SailPoint IIQ or similar IGA solutions, and Authentication platforms at large organizations
  • Experience with developing complex software systems scaling to millions of users with production quality deployment, monitoring, and reliability
  • Experience with large-scale distributed storage and database systems (SQL e.g. MySQL)
  • Ability to decompose complex business problems and help lead multiple teams in solving them
  • Understand Role-Based Access Control, Policy-Based Access Control, Attribute based access control, Governance, Access Certification in SailPoint
  • Experience in Web and Middleware technologies such as Nginx, Tomcat, Weblogic
  • Skill set in traffic management, Service and Session Load balancing skills primarily on HAProxy, NLB and F5 are added benefits
  • Leveraged tools like Cursor, GitHub Copilots to improve developer productivity
Job Responsibility
Job Responsibility
  • Design and development of Identity and Access Governance systems and microservices responsible for authentication, authorization, and single sign-on app integrations
  • Build new Features, APIs, Rules, Workflows, Analytics, Tasks and Reports for the Information Security org
  • Providing and assisting in defining Identity Security controls, best practices, compliance controls for Uber’s internal workforce and services
  • Identification and adoption of security trends, software engineering best practices defined by Uber engineering
  • Design and Build extensible access governance features, centralized and adaptive access management system, and Risk Models for the organization
  • Provide technical leadership in designing, implementing, testing, and rolling out the Identity platform (e.g. SailPoint IIQ, Cloud Identity, LDAP, MFA, SSO, etc.) at Uber
  • Practice Software engineering best practices while writing or reviewing code
  • Develop high quality engineering design documents for new integrations and initiatives
  • Engineer, Configure, Implement and maintain Identity and Access Management solutions and services
  • Resolve bugs through strong programming, critical problem solving, database query skills
Read More
Arrow Right

Senior Security Engineer, Security Operations

The senior security engineer role provides a unique opportunity to shape the sec...
Location
Location
United States , REMOTE; SAN FRANCISCO; ROSEVILLE; LEHI; WEST PALM BEACH; IRVINE
Salary
Salary:
146000.00 - 170000.00 USD / Year
goodleap.com Logo
GoodLeap
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences
  • Expertise in security event management, monitoring, threat hunting, incident response, playbook creation, orchestration/automations
  • Experience with threat modeling methodologies
  • Expertise with EDR solutions/platforms, such as CrowdStrike, S1, Palo Alto Cortex EDR
  • Experience with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus)
  • Proven ability to establish credibility and build trust with business, engineers, and operational staff
  • Experience designing, configuring, and implementing security and fraud monitoring for core enterprise systems, e.g., ERP, HCM, Salesforce
  • Experience working with and creating solutions based AI and ML toolsets – e.g., creation of AI skills, agents, MCP clients, vibe coding
  • Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases
  • Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK
Job Responsibility
Job Responsibility
  • Lead, participate in, and contribute to security and fraud monitoring, detection, and response activities, inclusive of investigations, threat hunting,etc. Create playbooks for specific incident response scenarios
  • Identify potential misuse and abuse cases in enterprise systems, propose solutions to detect these scenarios, and identify and implement monitoring and detection solutions for such scenarios
  • Support or develop components of the security analytics platform
  • Support embedded (product) security team
  • Support general security operations team with vulnerability management, tools management, and more
What we offer
What we offer
  • bonus
  • equity
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

We are seeking a Senior Security Engineer to design, implement, and manage enter...
Location
Location
United States , Jacksonville
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in cybersecurity, security engineering, or related IT roles
  • Strong knowledge of security tools and technologies: SIEM platforms
  • Firewalls, IDS/IPS
  • Endpoint protection / anti-malware
  • Experience with: Cloud security (AWS, Azure, or GCP)
  • Network security and system hardening
  • Identity and access management (IAM) concepts
  • Understanding of cybersecurity frameworks (NIST, ISO, etc.)
  • Experience with vulnerability management and risk mitigation strategies
  • Knowledge of compliance standards (PCI, privacy regulations)
Job Responsibility
Job Responsibility
  • Design, deploy, and support secure systems aligned with business objectives and regulatory requirements
  • Develop and maintain security policies, standards, and best practices to improve overall security posture
  • Architect and support security infrastructure including: SIEM (Security Information and Event Management)
  • DLP (Data Loss Prevention)
  • IPS (Intrusion Prevention Systems)
  • Monitor and manage security systems, including provisioning, alerting, and incident response
  • Perform system validation, troubleshooting, and root cause analysis for security incidents
  • Conduct vulnerability assessments and partner with teams to implement remediation plans
  • Support system patching, maintenance, and security hardening initiatives
  • Collaborate with engineering, infrastructure, and business teams to integrate security into all projects
What we offer
What we offer
  • Medical, vision, dental, and life and disability insurance
  • 401(k) plan
  • Free online training
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

We are looking for a Senior Security Engineer – PAM to join the Global Informati...
Location
Location
United States , Burbank
Salary
Salary:
90.00 - 97.00 USD / Hour
softwareresources.com Logo
Software Resources
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5+ years of experience in cybersecurity or identity and access management, with at least 3 years focused on Privileged Access Management
  • Hands-on experience administering enterprise PAM platforms such as CyberArk (EPV, PSM, PVWA, CPM, CCP) or CA PAM (Broadcom Privileged Access Manager)
  • Proficiency in scripting and automation with PowerShell and/or Python for PAM workflows
  • Experience integrating PAM solutions with enterprise directories (Active Directory, LDAP) and cloud platforms (AWS, Azure, GCP)
  • Strong understanding of PAM concepts: credential vaulting, session recording, just-in-time access, least privilege, secrets management, and SSH key management
  • Demonstrated experience supporting compliance and audit processes (SOX, PCI-DSS, or similar frameworks)
  • Ability to work effectively across cross-functional teams in a large enterprise environment
  • BA/BS Degree Comp Sci/IS or related field
Job Responsibility
Job Responsibility
  • Design, implement, and maintain enterprise PAM solutions including privileged account vaulting, session management, just-in-time access, and secrets management
  • Administer and operate PAM platforms (e.g., CyberArk, CA PAM) across on-premises and cloud environments, ensuring high availability and security policy enforcement
  • Develop and maintain automation for PAM onboarding, account provisioning, rotation, and reconciliation using PowerShell, Python, REST APIs, and Terraform
  • Collaborate with IT, Cloud, DevOps, and application teams to integrate PAM controls into CI/CD pipelines, cloud platforms, and third-party systems
  • Define and enforce privileged account policies aligned with security standards, regulatory requirements, and industry best practices
  • Lead PAM-related risk assessments, access reviews, and audit response activities
  • Troubleshoot complex PAM platform issues, driving root cause analysis and permanent remediation
  • Mentor junior engineers and contribute to team documentation, runbooks, and architectural standards
  • Identify opportunities to reduce the privileged access attack surface through improved tooling, automation, and process improvements
  • Support knowledge sharing across the PAM team by leading technical discussions, reviewing peers' work, and contributing to team learning initiatives
What we offer
What we offer
  • Medical coverage
  • Dental coverage
  • Vision coverage
  • 401(k) with company match
  • Short-term disability
  • Life insurance with AD&D
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

As a Senior Corporate Security Engineer, you will lead the design and operation ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
deliveroo.co.uk Logo
DELIVER
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience
  • 5+ years’ experience in Security Engineering, Corporate Security, Detection & Response, or a related field
  • Hands-on experience administering IAM platforms (e.g. Okta, GoogleWorkspace)
  • Deep hands-on experience with GoogleWorkspace products
  • Practical hands-on experience with Cloud platforms (e.g AWS, GCP)
  • Relevant and practical experience with Infrastructure-as-code (e.g Terraform)
  • Experience implementing modern authentication standards (FIDO2, WebAuthn, SAML, OAuth 2.0, OpenID Connect)
  • Practical experience securing macOS, Windows and Linux endpoints using MDM and EDR/XDR tooling
  • Experience operating SIEM and/or SOAR platforms and tuning detection logic
  • Experience with vulnerability management and patch governance
Job Responsibility
Job Responsibility
  • Architecture & Control Implementation: Design, deploy, and maintain core corporate security controls, including phishing-resistant MFA, Just-In-Time (JIT) access, strict role-based access control (RBAC), zero-trust architectures, device and identity bound proofing and modern network isolation
  • Tooling Ownership: Serve as the technical owner for a broad suite of corporate security systems, managing deployments, configurations, and API integrations for tools across the corporate environment
  • Technical Leadership: Lead and implement the technical strategy for Endpoint Device trust, Data Loss Prevention, Intellectual property storage, and SaaS application security, alongside wider corporate security technical controls
  • Automation & Engineering: Write scripts and build tools to automate security workflows, incident response tasks, and audit evidence collection for compliance
  • Cross-Functional Collaboration: Work with IT and business operations to integrate security tools into everyday workflows, and guide non-security teams to adopt secure baselines (e.g., CIS Benchmarks) as standard practice
  • Mentorship: Mentor junior and mid-level engineers, explain technical concepts clearly to non-technical staff, and help improve the team's engineering standards
What we offer
What we offer
  • Competitive and comprehensive compensation and benefits package
  • Up to 5% matched pension contributions
  • Eligibility for share awards
  • Free Deliveroo Plus
  • Team lunches from the best local restaurants
  • 25 days annual leave plus bank holidays, increasing with length of time spent working at Deliveroo
  • One day of paid leave per year to volunteer with a registered charity
  • Funded single cover healthcare on our core plan, with the option to add family members at own cost
  • On-site gym (HQ), discounted external gym membership
  • Access to wellbeing apps such as LesMills+, Strava, Headspace, Yogaia via GymPass
  • Fulltime
Read More
Arrow Right

Senior Platform Engineer

Senior Platform Engineer needed to support a shared platform used by a large num...
Location
Location
United States , St. Louis
Salary
Salary:
90.00 - 110.00 USD / Hour
apexsystems.com Logo
Apex Systems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in platform, infrastructure, or DevOps engineering
  • Strong GitLab CI/CD and Docker experience
  • Hands‑on CVE remediation and security compliance experience
  • Terraform and AWS experience
  • Strong TypeScript proficiency
  • Experience supporting platforms used by many developers
  • Comfortable with on‑call responsibilities
  • Strong communication skills
Job Responsibility
Job Responsibility
  • Improve GitLab CI/CD pipelines across many repositories
  • Maintain reusable pipeline templates
  • Increase pipeline reliability, performance, and cost efficiency
  • Support Maven and NPM build standards
  • Remediate CVEs using Trivy, Snyk, and AWS Inspector
  • Maintain compliance with CIS benchmarks and DISA STIGs
  • Coordinate remediation with application teams
  • Document repeatable security patterns
  • Maintain hardened Docker base images
  • Manage images in ECR and Artifactory
What we offer
What we offer
  • Medical
  • Dental
  • Vision
  • Life insurance
  • Disability insurance
  • ESPP (employee stock purchase program)
  • 401K program with company match after 12 months
  • HSA (Health Savings Account on the HDHP plan)
  • SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions
  • Corporate discount savings program
  • Fulltime
Read More
Arrow Right

IAM Security Engineer – Identity Governance & Administration

We are seeking a Senior IAM Security Engineer specializing in Identity Governanc...
Location
Location
United States , Indianapolis
Salary
Salary:
40.00 - 48.00 USD / Hour
solomonpage.com Logo
Solomon Page
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience)
  • Strong hands-on experience with IGA platforms such as SailPoint and/or Saviynt
  • Experience managing user, entitlement, privileged, and non-human identity certifications
  • Solid understanding of IAM concepts including: Least privilege and access governance, Role-Based Access Control (RBAC), Non-human identity management, Joiner / Mover / Leaver (JML) lifecycle
  • Experience supporting access governance audits and compliance activities
  • Strong Excel and documentation skills
  • Strong project coordination or project management experience
Job Responsibility
Job Responsibility
  • IGA Certification Lifecycle Execution
  • Own the end-to-end lifecycle of access certifications, including design, configuration, launch, monitoring, escalation, closure, and documentation
  • Configure and manage certifications within SailPoint and Saviynt
  • Define certification parameters including scope, reviewers, schedules, escalation rules, and completion criteria
  • Monitor certification campaigns daily and manage reviewer follow-ups, escalations, and overdue items
  • Post-Certification Remediation & Follow-Through
  • Manage all post-certification remediation activities
  • Partner with IAM provisioning teams and application owners to ensure remediation activities are properly executed
  • Ensure certifications are closed with complete, audit-ready documentation and evidence
  • Audit Readiness & Governance
What we offer
What we offer
  • medical
  • dental
  • 401(k)
  • direct deposit
  • commuter benefits
  • Fulltime
Read More
Arrow Right