Talent.com
IT Security Identity and Access Management (W2 Only)

Neotecra, Inc.
New York, NY, US
11 days ago
Job type
  • Full-time
Job description

We are seeking a skilled Privileged Access Management (PAM) Engineer to join our cybersecurity team. This role will focus on securing privileged identities across Active Directory (AD), Entra ID, Linux, and major cloud platforms (Azure, AWS, and GCP). The PAM Engineer will design, implement, and maintain controls that ensure administrators and endpoints only have the access they need at the right time and with the least privilege possible.

The ideal candidate will have strong expertise in vaulting platforms, endpoint privilege management, and zero-trust principles, with a proven track record of reducing attack surfaces and improving identity hygiene.

KEY RESPONSIBILITIES

Privileged Identity Security

  • Administer and enhance the corporate vaulting platform to manage privileged credentials across AD, Entra, Linux, and cloud platforms (Azure, AWS, GCP).
  • Implement credential randomization for local/built-in administrator accounts, service accounts, and cloud root/admin accounts.
  • Ensure time-bound, approval-based access for administrators following least privilege and just-in-time (JIT) principles.

Endpoint Privilege Management

  • Implement and maintain endpoint least-privilege policies across Windows, Linux, and macOS environments.
  • Replace standing local admin rights with controlled privilege elevation workflows.
  • Apply application control and privilege granularity to reduce risks from malware, ransomware, and insider threats.
  • Partner with desktop engineering teams to improve usability while enforcing strong endpoint controls.

Identity Hardening and Hygiene

  • Lead local administrator cleanup projects and enforce removal of unauthorized admin rights.
  • Harden Entra ID and cloud tenant hygiene by monitoring stale accounts, privileged roles, and excessive permissions.
  • Apply ITDR (Identity Threat Detection and Response) practices to detect and mitigate suspicious privileged activity across on-prem and cloud platforms.

Security Architecture and Standards

  • Contribute to enterprise Zero Trust architecture initiatives for hybrid and multi-cloud environments.
  • Align privileged access controls with NIST standards and organizational policies.
  • Drive adoption of passwordless authentication, MFA, and SSO for both on-prem and cloud privileged identities.

Cloud Identity and Access

  • Manage and monitor privileged roles and accounts in Azure AD (Entra ID), AWS IAM, and GCP IAM.
  • Implement least-privilege design for cloud workloads, service principals, keys, and secrets.
  • Integrate cloud platform identities with PAM vaulting, session recording, and access approval workflows.

Identity Lifecycle Management

  • Collaborate with IGA teams to automate provisioning, deprovisioning, and recertification of privileged accounts across on-prem and cloud.
  • Ensure privileged entitlements are tied to clear business justification and ownership.

Documentation and Governance

  • Create and maintain technical runbooks, architecture diagrams, and operational procedures.
  • Provide reporting on privileged access usage, endpoint privilege management, hygiene metrics, and compliance results.
  • Partner with audit, compliance, and risk teams to demonstrate control effectiveness.

Required Qualifications

  • 3-5 years of experience in PAM, IAM, or related security engineering roles.
  • Hands-on experience with AD, Entra ID, Linux, and at least one major cloud platform (Azure, AWS, or GCP).
  • Strong knowledge of vaulting technologies and endpoint privilege management practices (least privilege, privilege elevation, application control).
  • Proficiency with authentication methods: MFA, SSO, passwordless, Kerberos, and certificate-based access.
  • Familiarity with NIST 800-63B, Zero Trust frameworks, ITDR, and cloud security standards (CIS, CSA, etc.).
  • Strong scripting/automation skills (PowerShell, Python, Bash, Terraform, etc.).
  • Excellent documentation and communication abilities.

Preferred Qualifications

  • Experience securing privileged access in multi-cloud environments (Azure, AWS, GCP).
  • Knowledge of Entra ID Conditional Access, PIM, AWS IAM policies, and GCP IAM roles.
  • Experience integrating PAM solutions with CI/CD pipelines, DevOps tools, or ITSM workflows.
  • Industry certifications are a plus (SailPoint, CISSP, CISM, CCSP, Azure Security Engineer, AWS Security Specialty, GIAC, etc.).