Senior Cyber Security Engineer (DevSecOps)

We are seeking a highly skilled Senior Cybersecurity & DevSecOps Engineer with specialized expertise in Privileged Access Management (PAM), Identity and Access Management (IAM) and Vulnerability and Patch Management solutions. In this role, you will be responsible for designing, implementing, and maintaining security architecture while integrating security practices throughout our software development lifecycle. The ideal candidate will bring deep knowledge of PAM/IAM technologies along with DevSecOps principles to help secure the privileged accounts, manage digital identities, and embed security controls into CI/CD pipelines to strengthen the overall security posture.

Responsibilities

• Design, implement, and maintain PAM solutions (e.g. CyberArk)
• Architect and manage IAM solutions, including SSO, MFA, and directory services (e.g. ForgeRock)
• Configure and manage Vulnerability/Patch Management solutions (e.g. Qualys)
• Develop and maintain secure authentication and authorization workflows across enterprise applications
• Create automated PAM/IAM processes to integrate with DevOps workflows and CI/CD pipelines
• Implement privileged session management, recording, and monitoring capabilities
• Design and manage secrets management solutions for application and infrastructure credentials
• Develop secure coding practices and security requirements for identity-related components
• Create CI/CD pipeline integrations that automate security testing and credential management
• Implement least privilege access models throughout infrastructure and applications
• Configure and maintain Just-In-Time (JIT) access and ephemeral privilege solutions
• Conduct regular security assessments of PAM/IAM infrastructure and implementation
• Automate security controls for onboarding/offboarding identity lifecycle management
• Develop API security governance for identity-related services
• Create and maintain system documentation and security architecture diagrams
• Monitor security events related to privileged access and identity systems
• Collaborate with development, operations, and security teams to embed identity security throughout SDLC
• Implement risk-based authentication and authorization mechanisms
• Lead security platforms incident response and participate in security incident handling
• Participate on after-hours On-Call support for security-related incidents

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field
• 7+ years of experience in information security or cybersecurity roles
• Minimum 3+ years of hands-on experience with PAM solutions (CyberArk preferred)
• Minimum 3+ years of experience with IAM/MFA/SSO platforms (ForgeRock preferred)
• Minimum 2+ years of experience with Vulnerability and Patch Management platforms (Qualys preferred)
• Experience implementing DevSecOps methodologies and embedding security in CI/CD pipelines
• Strong knowledge of secure access models, authorization frameworks, and federation protocols
• Experience with security automation and API-driven security controls
• Knowledge of cloud IAM services and integration patterns
• Experience with infrastructure as code tools (Terraform, CloudFormation, Ansible, etc.)
• Understanding of container security and orchestration platforms (Docker, Kubernetes)
• Familiarity with compliance frameworks requiring strong identity controls
• Strong analytical and problem-solving abilities
• Excellent communication skills and ability to collaborate across technical teams

• Proficiency in scripting and programming languages (PowerShell, Python, Bash, etc.)
• Experience with other PAM solutions (BeyondTrust, Delinea, etc.)
• Knowledge of Zero Trust architecture implementation
• Familiarity with OAuth 2.0, OIDC, SAML, and SCIM protocols
• Experience with SIEM integration for identity-related events
• Background in security architecture and framework development
• Experience with secrets management solutions (e.g. HashiCorp Vault)
• Knowledge of advanced encryption implementation and key management
• Understanding of biometric authentication technologies
• Experience with web application firewalls (WAF) and API gateways
• Familiarity with GitOps security principles
• Background in identity governance and administration (IGA)
• Experience with user behavior analytics and identity threat detection
• Knowledge of PKI infrastructure and certificate management
• CISSP, CISM, or other advanced security certifications
• Experience with machine identity management and non-human identities

Company Industry

• IT - Software Services

Department / Functional Area

• IT Software

Keywords

• Senior Cyber Security Engineer (DevSecOps)

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@naukrigulf.com