IAM Engineer – Privileged Access & Secrets Management

We’re hiring a Privileged Access & Identity Security Engineer to join a highly technical, security-first organisation operating in a fast-paced, regulated environment. Identity, privileged access, and secrets are treated here as core security engineering problems, not just compliance controls.

This role sits within the Identity & Access Management (IAM) function, with a strong emphasis on Privileged Access Management (PAM), automation, and secure access to critical systems and platforms.

Responsibilities:

Privileged Access Management (PAM)

  • Own and operate enterprise PAM platforms (e.g. CyberArk or equivalent)
  • Design, implement, and maintain privileged access controls across Windows, Unix/Linux, and application environments
  • Automate onboarding of privileged and service accounts, including credential rotation and reconciliation
  • Enforce least privilege and just-in-time access principles
  • Monitor privileged sessions and support investigations into access-related incidents

Secrets & Non-Human Access

  • Manage credentials for applications, services, and automation workflows
  • Support secure runtime credential retrieval and rotation
  • Work with engineering teams to reduce hard-coded secrets and improve secrets hygiene
  • Contribute to the evolution of secrets management and CI/CD integrations

IAM & Access Controls

  • Partner with infrastructure, application, and security teams to implement robust access models
  • Support RBAC and access policy alignment across on-prem and cloud platforms
  • Maintain clean documentation, standards, and operating procedures

Governance, Audit & Operations

  • Support access reviews, audit requests, and evidence production
  • Contribute to incident response related to privileged access or credential exposure
  • Help mature IAM and PAM processes through automation and continuous improvement

Must Have’s

  • Strong hands-on experience with Privileged Access Management (PAM)
  • Deep knowledge of CyberArk (Vault, PSM/PSMP, CPM, Privilege Cloud) or equivalent
  • Experience automating privileged access onboarding and credential lifecycle
  • Solid understanding of least privilege, JIT access, and privileged account risk
  • Background working in regulated or high-security environments
  • Comfortable operating as a senior individual contributor with real ownership

Nice to have

  • Exposure to secrets management concepts or platforms
  • Cloud experience (AWS and/or Azure)
  • Scripting or automation (PowerShell, REST APIs, etc.)
Apply Now
Apply Now

Job Details

Company
Levy Global
Location
City of London, London, United Kingdom
Posted