Information Security Engineer

NCR Corporation•Atlanta, GA

1d•Onsite

About The Position

NCR Voyix Corporation (NYSE: VYX) is a global platform-powered leader in unified commerce for shopping and dining. Combining a flexible, intelligent platform with end-to-end payments capabilities and services developed through its deep industry experience, NCR Voyix empowers retailers and restaurants to accelerate new possibilities for their operations, experiences and business outcomes. NCR Voyix is headquartered in Atlanta, Georgia, and serves customers in more than 35 countries worldwide. Information Security Engineer (I) Location: Atlanta, GA About NCR Voyix NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities. Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world’s leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers’ technology systems. Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today’s competitive landscape. Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner. Information Security Engineer (I) We are looking for an Information Security Engineer (II) with strong experience in Privileged Access Management (PAM) to strengthen identity and access security controls across the enterprise. In this role, you will own key PAM capabilities end-to-end (design, implementation, and operational excellence), partner closely with IAM, infrastructure, and application teams, and drive improvements to CyberArk onboarding, credential rotation, and privileged session controls for both human and non-human identities. You will also help the organization adopt AI-enabled operational practices safely by applying secure-by-design principles to automation and AI-assisted workflows (e.g., protecting secrets/API keys used by automation, and ensuring appropriate access controls and auditability).

Requirements

Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent practical experience).
1–3+ years of experience in Information Security, IAM, or security engineering with a strong focus on PAM.
Hands-on experience implementing and operating CyberArk in enterprise environments (onboarding at scale, rotation, integrations, monitoring, and troubleshooting).
Demonstrated experience supporting audits and operating with strong change control and documentation discipline.
Strong knowledge of privileged access concepts (least privilege, break-glass access, service accounts, just-in-time patterns, session monitoring/recording).
Windows and Linux administration fundamentals (credential usage, services/daemons, scheduling, permissions) and authentication protocols basics (e.g., LDAP/Kerberos/SSO concepts).
Scripting/automation skills in PowerShell and/or Python, with the ability to develop maintainable scripts and perform peer reviews.
Ability to troubleshoot complex issues across applications, infrastructure, and integrations (logs, networking basics, and dependency mapping).
Working knowledge of GenAI and common enterprise AI adoption risks (data leakage, prompt injection, insecure plugins/tools, model/API access control), and the ability to translate these risks into practical identity and secrets-management controls.
Familiarity with using AI-assisted tools responsibly for operational efficiency (triage, documentation, reporting) while ensuring sensitive data handling, logging, and policy compliance.
Strong analytical and problem-solving skills.
Excellent communication and collaboration abilities.
Ability to work under pressure during critical incidents.

Nice To Haves

CyberArk certifications (e.g., Defender/Trustee) or equivalent hands-on mastery.
AI security training/certification (e.g., vendor AI security fundamentals) or demonstrated experience supporting secure enterprise AI adoption.
Security+ and/or higher-level certification such as SSCP, CISSP, or CISM (based on experience level).

Responsibilities

PAM Platform Ownership: Own day-to-day reliability, security, and lifecycle management of CyberArk components and integrations (configuration, upgrades, health monitoring, and break-fix). Define and maintain operational standards (onboarding patterns, safe design, naming/metadata, rotation policies, and access workflows) to ensure consistency and auditability.
Privileged Identity & Credential Lifecycle: Lead onboarding and lifecycle management for privileged accounts (human and non-human), including service accounts, application secrets, and automation identities. Design and implement password/secret rotation strategies and work with application owners to ensure credential consumers are compatible with rotation and failover.
Privileged Session Controls: Configure and maintain privileged session access controls, including approvals, just-in-time access patterns (where applicable), session monitoring/recording, and least-privilege enforcement. Perform PAM discovery activities and prioritize remediation of unmanaged privileged access.
Integration & Automation: Implement and troubleshoot integrations between CyberArk and enterprise platforms (e.g., directory services, endpoints/servers, CI/CD, and key application stacks). Develop and maintain automation (PowerShell/Python) for onboarding, rotation validation, reporting, and operational tasks; contribute to reusable templates and standards.
Risk Reduction, Audit & Compliance: Produce and maintain audit-ready evidence for privileged access controls (e.g., onboarding approvals, rotation success, access reviews, session logs) and support internal/external audits. Identify gaps in privileged access controls, drive remediation plans, and track improvements through measurable operational metrics.
AI & Automation Security Enablement: Partner with engineering teams to apply least-privilege and credential management patterns for AI/automation identities (e.g., API keys, service principals, tokens) used by scripts, bots, and AI-assisted workflows. Define and implement controls to reduce AI-related identity risk (secret sprawl, over-privileged tokens, unmanaged credentials), including logging, rotation, and break-glass procedures.
Incident Response & Engineering Support: Provide Tier-3 support and technical leadership during PAM-related incidents; perform root cause analysis and implement corrective/preventive actions. Mentor junior engineers and contribute to knowledge transfer through runbooks, training, and peer reviews.