Qualifications and Responsibilities
* Minimum 7+ years as an IAM Engineer with hands‑on experience in privileged access technologies, with recent experience in agentic AI and securing OWASP to 10 NHI risks. Strong DM, CyberArk, Azure Key Vault, AWS Secrets and other privileged solution areas are a plus.
* Understanding of agentic AI systems, including binding AI agents to enterprise identities, least privilege enforcement, policy‑based guardrails, Model Context Protocol (MCP), mutual TLS, OAuth2 token exchanges, and AI security tools.
* Familiarity with API gateways, service meshes (Kong, Istio, Apigee), and machine identity management (certificates, workload IDs, SPIFFE/SPIRE).
* Experience with IAM automation and administration using Terraform, Ansible, Cloud‑init, Pulumi, Python, and Unix/Windows systems.
* Strong proficiency in authentication technologies: SSO, federation protocols (SAML, OIDC, OAuth2), API authentication, SCIM, RBAC, ABAC, JIT provisioning, and zero‑trust principles.
* Expertise in privileged access management, including credential vaulting, session management, and PAM/PAW models.
* Skilled in directory services and multi‑cloud identity governance (Azure AD, AWS AD, EntraID, Okta) and cloud IAM across AWS, Azure, and GCP.
* Awareness of open standards, threat modeling, insider threats, and continuous authentication.
* Strong organization, project delivery, communication, collaboration, and leadership skills.
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.
#J-18808-Ljbffr