We are seeking a motivated Security & Identity and Access Management (IAM) Engineer with 3+ years of experience to support identity governance, access controls, and security compliance initiatives. This role focuses on maintaining least-privilege access, secrets management, patch compliance validation, encryption controls, and compliance evidence generation while promoting Zero Trust security principles.

Key Responsibilities :

Identity & Access Management (IAM) :

- Maintain IAM governance frameworks and enforce least-privilege access models across systems and platforms.

- Perform quarterly access reviews to validate user, service, and privileged access.

- Support access lifecycle management including provisioning, modification, and de-provisioning controls.

Secrets & Key Management :

- Implement and maintain secrets management solutions, such as AWS Secrets Manager or equivalent platforms.

- Ensure secure storage, rotation, and access controls for application and infrastructure secrets.

Patch & Compliance Validation :

- Validate patch compliance across infrastructure and applications to ensure adherence to defined SLAs.

- Track and report exceptions and remediation progress where patch compliance gaps are identified.

Encryption & Data Protection :

- Validate and ensure encryption requirements are met for data at rest and in transit.

- Support enforcement of encryption standards across cloud and on-prem environments.

Zero Trust & Security Best Practices :

- Promote Zero Trust security principles, specifically around identity, access, and network controls.

- Collaborate with engineering teams to improve understanding and adoption of secure access models.

Compliance & Audit Support :

- Produce and maintain required compliance evidence artifacts for audits and internal reviews.

- Support compliance initiatives by documenting access controls, patch status, encryption posture, and security configurations.

Required Skills & Qualifications :

- 3+ years of experience in Security Engineering, IAM, or Access Management roles.

- Strong understanding of IAM concepts, RBAC, least-privilege principles, and access governance.

- Hands-on exposure to secrets management solutions (AWS Secrets Manager or equivalent).

- Knowledge of patch management processes and compliance validation.

- Understanding of encryption standards and secure communication protocols.

- Strong documentation and communication skills.

Preferred Qualifications :

- Experience with cloud platforms such as AWS, Azure, or GCP.

- Familiarity with Zero Trust architectures and identity-centric security models.

- Exposure to compliance frameworks (ISO 27001, SOC 2, PCI-DSS, etc.).

- Experience working in regulated or enterprise environments.