Staff IAM Engineer, Non-Human Identity

SoFi

4 months ago

New York, NY, USA +2 more

Staff+

Responsibilities

Design and maintain a Non-Human Identity framework for service accounts and machine credentials.
Implement centralized secrets management using tools like HashiCorp Vault.
Build integrations with CI/CD pipelines for automated credential rotation.
Develop scalable onboarding processes for secure authentication of applications and bots.
Establish policies for key rotation and credential expiration.
Monitor for unused service accounts and remediate over-permissioned credentials.
Support incident response teams with forensics on compromised credentials.
Maintain audit trails for credential issuance and usage.

Bachelor’s degree in Computer Science, Cybersecurity, or related field.
3–6 years of experience in IAM, DevSecOps, or Security Engineering.
Hands-on experience with non-human identity or secrets management tools.
Familiarity with cloud IAM concepts like AWS IAM Roles and Azure Managed Identities.
Proficiency in automation and scripting languages such as Python or PowerShell.

AWSAzureGoogle Cloud PlatformKubernetesPowerShellPythonTerraform