Lead Associate Principal, Security Engineering

Job Summary

We are seeking a Lead Associate Principal, Security Engineering to support and enhance enterprise Privileged Access Management (PAM), Secrets Management, and PKI platforms. This role will be responsible for operational support, platform engineering, automation, infrastructure security, and implementation of secure authentication and authorization solutions across on-premises and cloud environments.

Key Responsibilities

• Provide 24x7 operational support for privileged access and secrets management platforms such as CyberArk, HashiCorp Vault, and PKI solutions.

• Troubleshoot production issues, implement hotfixes, perform break-fix activities, and manage secrets lifecycle processes.

• Maintain platform health through patching, upgrades, version control, and compliance with security standards.

• Serve as a subject matter expert for Privileged Access Management (PAM), Secrets Management, and security architecture.

• Design and implement automated integrations and platform enhancements to improve user experience and operational efficiency.

• Develop long-term solutions for operational challenges using automation and AI-assisted technologies.

• Implement and enforce security-as-code principles across enterprise environments.

• Support authentication and authorization technologies including Active Directory, OAuth 2.0, OIDC, AWS IAM, Kerberos, LDAPS, Certificates, Kubernetes, and AppRole.

• Collaborate with engineering teams to integrate security controls within CI/CD pipelines and cloud platforms.

• Create automation solutions using scripting and Infrastructure as Code (IaC) tools.

Required Qualifications

• Experience supporting Privileged Access Management (PAM) and access control programs.

• Strong understanding of security architecture principles including Confidentiality, Integrity, and Availability (CIA).

• Experience in Security Operations, Security Engineering, Security Development, or Security Architecture.

• Hands-on experience supporting enterprise authentication and authorization systems.

Technical Skills

Required

• CyberArk

• HashiCorp Vault

• Active Directory Certificate Services (ADCS)

• Public Key Infrastructure (PKI)

• Hardware Security Modules (HSM)

Authentication & Identity

• Active Directory

• OAuth 2.0

• OpenID Connect (OIDC)

• AWS IAM

• Kerberos

• LDAPS

• Certificates

• Kubernetes Authentication

• AppRole

Automation & Development

• Python

• PowerShell

• Bash

• GoLang

• Terraform

• Ansible

DevOps & Cloud

• CI/CD Pipelines

• Jenkins

• Cloud Security

• Infrastructure as Code (IaC)

Nice to Have

• Experience with AI coding agents such as OpenAI Codex, Claude Code, or Gemini CLI.