Senior IAM Security Engineer

  • Miami, FL
  • Posted 3 days ago | Updated moments ago

Overview

Remote
On Site
Hybrid
BASED ON EXPERIENCE
Contract - Independent
Contract - W2
Contract - 4+ mo(s)

Skills

IAM
SECURITY
OFFENSIVE
SILVERFORT
SILVER FORT
SILVER-FORT
FEDERATION
PINGFEDERATE
PING FEDERATE
FORGEROCK
FORGE ROCK
FORGE-ROCK
RSA
PING-FEDERATE
LIGHTWEIGHT DIRECTORY ACCESS PROTOCOL
LDAP
ACTIVE DIRECTORY
PAM
CYBERARK
CYBER ARK
BEYONDTRUST
BEYOND TRUST
BEYOND-TRUST

Job Details

Senior IAM Security Engineer - Offensive Identity Focus

Job Description:
*** Financial is the nation's largest independent brokerage firm with more than 14,000 independent financial advisors in more than 4,000 branch offices nationwide. *** Financial has been ranked the number one broker-dealer in its class consistently over the past 10 years. Financially strong and growing, its corporate offices are in Boston, San Diego, and Charlotte.

About the Role
We are building a cutting-edge Offensive Identity Team and seeking a versatile Senior IAM Security Engineer to lead proactive efforts in securing identity infrastructure across on-prem and cloud environments. This role blends expertise in Active Directory, Windows security, and AWS IAM with a strong offensive security mindset to identify and mitigate identity-based threats before they impact the organization.

Key Responsibilities

  • Lead cleanup and optimization of federation configurations (PingFederate, ForgeRock)
  • Manage and remediate AD group memberships and permissions to enforce least privilege
  • Design and implement Role-Based Access Control (RBAC) models across enterprise systems
  • Support access recertification campaigns and identity posture assessments
  • Collaborate with red and blue teams to simulate identity-based attacks and improve detection
  • Contribute to threat modeling and adversary simulation efforts targeting IAM infrastructure
  • Implement and manage privilege controls using LAPS, GPOs, and local admin policies
  • Harden Windows servers and endpoints to prevent identity exploitation
  • Enforce PAM practices using CyberArk or equivalent tools
  • Collaborate with IAM and red teams to simulate identity-based attacks
  • Identify and remediate misconfigurations that could lead to privilege escalation

Required Skills & Experience
  • 5+ years in IAM engineering or identity-focused security roles
  • Strong experience with Active Directory, LDAP, and group policy management
  • Hands-on experience with federation platforms (PingFed, ForgeRock, RSA)
  • Familiarity with RBAC frameworks and access governance tools
  • Deep understanding of Windows privilege management and GPOs
  • Experience with PAM solutions (CyberArk, BeyondTrust)
  • Familiarity with offensive security tools and techniques targeting Windows environments
  • Understanding of identity threats and MITRE ATT&CK techniques
  • Experience with scripting (PowerShell, Python) for automation and analysis

Preferred Qualifications
  • Experience with offensive security tools (Silverfort)
  • Experience with endpoint detection and response (EDR) tools
  • Certifications: CISSP, GIAC, or similar IAM/security credentials

Why Join Us?
  • Be part of a pioneering team focused on proactive identity defense
  • Work with cutting-edge IAM technologies in a hybrid cloud environment
  • Collaborate with top-tier security professionals in a mission-driven organization