The final salary or hourly wage, as applicable, paid to each candidate/applicant for this position is ultimately dependent on a variety of factors, including, but not limited to, the candidate’s/applicant’s qualifications, skills, and level of experience as well as the geographical location of the position.

Applicants must be legally authorized to work in the United States. Sponsorship not available.

Our client is seeking a Sr. Security Engineer in Raleigh, NC.

Role Description

The Sr. Security Engineer – IAM is a mid to senior-level role responsible for driving the design, development, and advancement of company's IAM program.
This individual will serve as a subject matter expert (SME) and technical lead, providing support as well as participating in the strategic direction, implementation, and continuous improvement of IAM solutions, including Privileged Access Management (PAM), Single Sign-On (SSO), Identity Governance and Administration (IGA), Multi-Factor Authentication (MFA), Active Directory (AD), Customer Identity and Access Management (CIAM), and other IAM technologies.
This role will be instrumental in designing and optimizing IAM frameworks, automating identity processes, and ensuring compliance with security policies and regulatory requirements. The engineer will collaborate with cybersecurity, IT, and business stakeholders to enhance security posture, mitigate identity-related risks, and drive IAM adoption.
Additionally, they will mentor junior engineers, lead complex IAM projects, and provide technical guidance to strengthen the overall cybersecurity strategy.

• (30%) Assist with implementation and maintenance of technical security solutions including planning, deployment coordination, change management, documentation, and training to enhance SECU’s security posture.
• (20%) Configure and tune security tools, integrate them with enterprise controls, and evaluate vendor offerings and new tools to improve security responsiveness.
• (20%) Identify and recommend opportunities for documentation enhancements, cost savings, service quality improvements, and operational efficiency.
• (10%) Support governance and compliance efforts by participating in assessments and remediation activities to ensure adherence to security standards and regulations.
• (10%) Participate in on-call rotation and serve as a resource for technical support of information security technologies and mentor junior engineers.
• (10%) Pursue and maintain skills and certifications to stay current with advancing cybersecurity trends and best practices.

Skills & Requirements

• IAM Solution Experience- specifically SailPoint OR Okta. They are hiring for 2 SailPoint positions and 1 Okta position
• Must have knowledge of cloud directories such as Entra ID, AWS Directory Service and Google Cloud Identity
• Must have knowledge of hybrid IAM environments and cloud-and-cloud identity integration
• Must have understanding of API’s how they are used to integrate IAM systems with other applications
• Must have authentication and Authorization Protocols
• They should possess a deep understanding of authentication and authorization protocols such as OAuth2.0, OIDC (OpenID Connect), SAML (Security Assertion Markup Language), LDAP (Lightweight Directory Access Protocol), Kerberos, and XACML (eXtensible Access Control Markup Language)
• Must have IAM Governance and Compliance
• They should be familiar with IAM governance frameworks and standards such as NIST, ISO 27001, SOX, and GDPR
• Must have User Lifecycle Management: must have provisioning and de-provisioning user accounts, including Joiner-Mover-Leaver (JML) processes.
• Must have experience with automation of user lifecycle management using tools such as PowerShell, Python, or IAM orchestration tools.
• Must have experience in implementation or support of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC).
• Must have Security and Risk Management expertise: an understanding of IAM’s role in broader security frameworks and risk management along with an understanding of threat modeling and risk assessment related to identity and access.
• Must have experience in Incident Response and Forensics
• Should have the ability to support IAM-related incident response efforts, including identifying and mitigating identity-based security incidents
• Should have ability to perform Splunk queries for log diving; as well as some time of scripting exp = like in PowerShell
• Understanding of forensic analysis related to identity breaches.
• Automation and Scripting
• Ability to leverage and understand scripting languages such as Python, PowerShell, or Bash for automating tasks.
• Collaboration and Leadership
• Experience in participating in cross-functional teams in IAM initiatives.
• Ability to collaborate with security, IT operations, developers, and business stakeholders to align IAM solutions with organizational goals.
• Problem-Solving and Analytical Skills
• Strong problem-solving skills for troubleshooting and resolving IAM issues.
• Analytical skills for identifying patterns and improving IAM processes.
• Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, OSCE, or other relevant industry certification and/or desire to obtain such certifications.
• Compliance, governance, and audits
• In short, SailPoint governs, reviews, and certifies access
• Okta = Identity Provider (IdP) / Access Management; this focuses on:
• User authentication (verifying identity during login)
• Single Sign-On (SSO)
• Multi-Factor Authentication (MFA)
• Federation & tokens (SAML, OIDC)
• Basic lifecycle provisioning
• In short, Okta controls how users log in

Benefits/Other Compensation

This position is a contract/temporary role where Hays offers you the opportunity to enroll in full medical benefits, dental benefits, vision benefits, 401K and Life Insurance ($20,000 benefit).

Why Hays?

You will be working with a professional recruiter who has intimate knowledge of the industry and market trends. Your Hays recruiter will lead you through a thorough screening process in order to understand your skills, experience, needs, and drivers. You will also get support on resume writing, interview tips, and career planning, so when there’s a position you really want, you’re fully prepared to get it.

Nervous about an upcoming interview? Unsure how to write a new resume?

Visit the Hays Career Advice section to learn top tips to help you stand out from the crowd when job hunting.

Hays is committed to building a thriving culture of diversity that embraces people with different backgrounds, perspectives, and experiences. We believe that the more inclusive we are, the better we serve our candidates, clients, and employees. We are an equal employment opportunity employer, and we comply with all applicable laws prohibiting discrimination based on race, color, creed, sex (including pregnancy, sexual orientation, or gender identity), age, national origin or ancestry, physical or mental disability, veteran status, marital status, genetic information, HIV-positive status, as well as any other characteristic protected by federal, state, or local law. One of Hays’ guiding principles is ‘do the right thing’.
We also believe that actions speak louder than words.
In that regard, we train our staff on ensuring inclusivity throughout the entire recruitment process and counsel our clients on these principles. If you have any questions about Hays or any of our processes, please contact us.

In accordance with applicable federal, state, and local law protecting qualified individuals with known disabilities, Hays will attempt to reasonably accommodate those individuals unless doing so would create an undue hardship on the company. Any qualified applicant or consultant with a disability who requires an accommodation in order to perform the essential functions of the job should call or text 813.336.5570.

Drug testing may be required; please contact a recruiter for more information.

#LI-DNI