Sr./Security Engineer (CIAM)

Key Responsibilities

• Design, implement, and manage CIAM solutions to protect customer identities and access across digital platforms.
• Develop and enforce policies for authentication, authorization, and identity lifecycle management.
• Serve as a subject matter expert in the development of IAM strategy, policies, standards, and procedures.
• Collaborate with different business areas to assess IAM strategies, enhance security, and ensure compliance with data protection laws.
• Plan, develop, implement, and maintain a digital identity program that meets compliance and contractual requirements.
• Assist with the design, configuration, and implementation of identity and access solutions, including onboarding, offboarding, user provisioning, and multi-factor authentication.
• Define access control protocols and establish role-based access control mechanisms to maintain the principle of least privilege.
• Monitor and analyze CIAM systems for vulnerabilities, threats, and unauthorized access.
• Conduct regular security assessments, audits, and penetration testing on CIAM systems.
• Manage the recertification of user access and develop metrics to evaluate the effectiveness of access controls.
• Provide technical guidance and training on CIAM best practices to internal teams.
• Maintain strong relationships with key vendors and partners supporting the identity program.
• Stay informed on emerging CIAM technologies, trends, and security threats.
• Coordinate cross-functional efforts with other internal business units.
• Troubleshoot and resolve CIAM-related issues promptly.

Qualifications Required:

• Bachelor's degree in computer science, Software Engineering, Applied Mathematics, or a related field.
• 10+ years of relevant experience in identity and access management (IAM), particularly focused on CIAM.
• Expertise in all aspects of IAM, including PAM and Secrets Management.
• Practical experience with CIAM platforms such as Okta, Auth0, Ping Identity, ForgeRock, Microsoft Azure AD, or similar.
• Strong understanding of authentication protocols (OAuth, OpenID Connect, SAML, Kerberos, etc.).
• Experience with cloud platforms (AWS, Azure) and their IAM services.
• Excellent problem-solving skills and attention to detail.
• Strong communication and collaboration skills, with a client service focus.
• Ability to prioritize tasks, plan effectively, and take initiative in a self-driven manner.

Preferred:

• Knowledge of NIST and CIS practices and frameworks.
• Familiarity with regulatory requirements such as GDPR, ISO 27001, and PCI DSS.
• Programming or scripting skills (e.g., Python, JavaScript, PowerShell) are preferred.