Senior Security Engineer - IAM

About The Position

Requirements

• Bachelor’s degree in technology discipline or equivalent professional experience.
• 5+ years of experience in Privileged Access Management or related security roles.
• Delinea Platform Expertise: Hands-on engineering with Delinea components such as Secret Server (vaulting/rotation/workflows), Privilege Manager (endpoint least-privilege), and related connectors/agents, including upgrades, migrations, and performance tuning.
• Enterprise Infrastructure & Platforms: Strong administration and integration experience across Windows Server/Workstations, Linux (e.g., RHEL/Ubuntu), Active Directory/GPO, and virtualization platforms to onboard and manage privileged accounts at scale.
• Security & Authentication Technologies: Deep understanding of authentication/authorization and identity protocols—Kerberos/NTLM, LDAP/LDAPS, SAML/OIDC, RADIUS/TACACS+, PKI/certificates, and MFA—used to secure PAM access paths and admin workflows.
• Scripting & Automation: Ability to automate PAM lifecycle tasks (discovery, onboarding, credential rotation, reporting) using PowerShell/Python and Delinea REST APIs, including error handling, logging, and idempotent execution.
• Networking & Infrastructure: Proficient in troubleshooting and designing network connectivity for PAM components (DNS, TLS, firewalls/ports, proxies, load balancers) to support secure agent communications and distributed services.
• DevOps & Cloud Technologies: Experience integrating PAM into CI/CD and cloud operations using tools like Git, pipelines, IaC (Terraform/ARM/CloudFormation), and cloud IAM services (Azure/AWS/GCP) to manage privileged access in modern delivery environments.
• Strong analytical, problem-solving, and attention-to-detail skills; works independently with minimal supervision.
• Excellent communication and collaboration skills with IT, security teams, and business units.

Nice To Haves

• Relevant Security certifications (e.g., CISSP, CISM, CIAM) preferred.

Responsibilities

• Administer day-to-day Delinea operations—tenant configuration, discovery, onboarding, policy management, upgrades/patching, backups, and health monitoring—to ensure availability and performance.
• Integrate Delinea with enterprise identity, endpoint, and security tooling (e.g., AD/Azure AD, SSO/MFA, SIEM, ITSM) and automate onboarding/rotation/workflows using APIs and scripting.
• Implement privileged access controls (least privilege, JIT/JEA, session controls, credential rotation) and produce audit-ready evidence aligned to internal standards and frameworks (e.g., SOX, PCI, ISO 27001).
• Lead triage and resolution of PAM issues across agents, connectors, network paths, authentication flows, and platform services, performing root-cause analysis and preventive remediation.
• Create and maintain operational runbooks, architecture diagrams, and configuration standards while training administrators and stakeholders to ensure consistent, scalable PAM operations
• Complete all responsibilities as outlined in the annual performance review and/or goal setting.
• Complete all special projects and other duties as assigned.
• Must be able to perform duties with or without reasonable accommodation.

Benefits

• Cotiviti offers team members a competitive benefits package to address a wide range of personal and family needs, including medical, dental, vision, disability, and life insurance coverage, 401(k) savings plans, paid family leave, 9 paid holidays per year, and 17-27 days of Paid Time Off (PTO) per year, depending on specific level and length of service with Cotiviti.