Senior Security Engineer – IAM/PAM Specialist
Nexus Consultancy LLC
Description
Job Title: Senior Security Engineer – IAM/PAM Specialist.
Location: Onsite
Experience: 8+ Years in IAM/PAM
Education: Bachelor’s Degree in Computer Science or related field
Job Summary:
We are looking for a seasoned Security Engineer with deep expertise in Privileged Access Management (PAM) and Identity & Access Management (IAM), specializing in Wallix PAM and HashiCorp Vault. The ideal candidate will have hands-on experience deploying, configuring, and optimizing these solutions to enforce Zero Trust and mitigate credential-based threats.
Key Responsibilities:
PAM & IAM Implementation:
- Design, deploy, and manage Wallix PAM solutions for privileged session monitoring, password vaulting, and Just-in-Time (JIT) access.
- Implement and automate secrets management using HashiCorp Vault (dynamic secrets, PKI, encryption as a service).
- Integrate PAM/IAM tools (Wallix, HashiCorp Vault, CyberArk, SailPoint) with Active Directory, LDAP, SIEM, and cloud platforms (AWS/Azure).
- Enforce least privilege access and Zero Trust principles across hybrid environments.
Security & Compliance:
- Develop policies for privileged credential rotation, ephemeral access, and break-glass procedures.
- Conduct privileged access audits and ensure compliance with NIST, ISO 27001, UAE IA
- Automate access reviews and certification workflows.
Operational Excellence:
- Troubleshoot PAM/IAM issues (e.g., vaulting failures, integration gaps).
- Script custom integrations using PowerShell/Python/REST APIs for automation.
- Collaborate with DevOps to secure CI/CD pipelines (e.g., HashiCorp Vault for Kubernetes secrets).
Required Skills & Qualifications:
- 8+ years in IAM/PAM, with hands-on experience in Wallix PAM and HashiCorp Vault.
- Expertise in:
- Wallix PAM (session recording, password vaulting, JIT access).
- HashiCorp Vault (secrets management, dynamic credentials, PKI).
- IAM tools (SailPoint, Okta, Microsoft Entra ID).
- Proficient in:
- Active Directory, LDAP, SAML/OAuth/OIDC, MFA.
- Cloud IAM (AWS IAM, Azure AD).
- Scripting skills (Python, PowerShell, Ansible,Terraform) for automation.
- Knowledge of NIST CSF, Zero Trust Architecture, and DevSecOps.
Preferred Skills:
- Certifications: Wallix Admin, HashiCorp Certified Vault Associate
- Experience with container security (Kubernetes, Docker) and SIEM integrations.
Pay: AED12,000.00 - AED14,000.00 per month
Work Location: In person