Design and maintain scalable architectures for non-human identity lifecycle management, including provisioning, rotation, and decommissioning.
Automate identity provisioning and deprovisioning processes for applications, devices, and services using IAM tools and scripts.
Define and enforce policies for authentication and authorization of non-human identities, including privileged access management (PAM) for service accounts and secrets management.
Integrate IAM solutions with cloud platforms, CI/CD pipelines, DevOps tools, and third-party APIs to ensure seamless identity management.
Implement security controls, auditing, and monitoring for non-human identities to ensure compliance with regulatory requirements and internal policies.
Investigate and respond to security incidents related to non-human identities, collaborating with cybersecurity and IT teams.
Maintain comprehensive documentation and provide training to internal teams on non-human identity best practices.
Requirements
Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)
14+ years of experience in identity and access management (IAM), with a focus on non-human identities (applications, APIs, devices, bots)
Strong understanding of authentication protocols (OAuth2, SAML, OpenID Connect), certificate management, and secrets management
Experience with IAM tools (e.g., Azure AD, AWS IAM, HashiCorp Vault, CyberArk, OASIS, SailPoint)
Exposure to IAM concepts: IGA, PAM, RBAC/ABAC, MFA, directory services
Proficiency in scripting or programming languages (Python, PowerShell, Bash, etc.) for automation
Familiarity with cloud environments (AWS, Azure, GCP), IAM for SaaS products (ServiceNow, Snowflake, Oracle Financials, etc.), and DevOps toolchains