IAM Engineer – Quantitative trading firm

IAM Engineer, Privileged Access & Secrets Management

A leading quantitative investment firm is looking for an IAM Engineer to join its security team, with a focus on Privileged Access Management and Secrets Management.

This is a hands‑on role in a highly technical, data‑driven environment where security is directly tied to trading performance and business success. You’ll work closely with engineering, infrastructure and security teams to design, implement and optimize identity controls across both on‑prem and cloud environments.

Key responsibilities

Privileged Access Management (PAM)

• Lead the deployment, configuration and ongoing operation of PAM tools such as CyberArk or similar
• Define and enforce policies around privileged account usage, session monitoring and credential rotation
• Work with system owners to onboard accounts and enforce least privilege principles
• Monitor and audit privileged activity, investigating anomalies and supporting incident response

Secrets Management

• Implement and manage secrets management platforms such as HashiCorp Vault or cloud‑native tools
• Define secure storage, access and rotation policies for credentials, API keys and application secrets
• Integrate secrets management into CI/CD pipelines and cloud platforms
• Ensure secrets are managed in line with internal standards and regulatory requirement

Access Control and Identity

• Support the implementation of role‑based access control across Active Directory and cloud environment
• Maintain and remediate directory structures to align with access policies
• Work closely with engineering teams to enforce authentication and authorisation standards

Security Operations and Governance

• Monitor IAM‑related alerts and support incident response activities
• Assist with access reviews and privileged account certifications
• Support audit readiness and provide evidence aligned to frameworks such as ISO 27001 and GDPR
• Identify opportunities to improve IAM processes, tooling and controls
• Contribute to the wider IAM roadmap and security strategy
• Stay up to date with emerging threats and technologies within identity and access management

Key requirements

• Strong experience within Identity and Access Management, with a focus on PAM and secrets management
• Hands‑on experience with tools such as CyberArk, HashiCorp Vault or similar
• Experience working in cloud environments such as AWS or Azur
• Good understanding of RBAC, directory services and authentication protocols such as SAML or OAuth
• Scripting or automation experience (Python, PowerShell or similar)
• Strong communication skills and the ability to work with both technical and non‑technical stakeholders
• Experience working in high‑performance, low‑latency or data‑intensive environments
• Exposure to compliance frameworks such as ISO 27001 or GDPR
• Relevant certifications such as CyberArk, HashiCorp Vault, CISSP or CISM

This is an excellent opportunity to join a high‑performing, engineering‑led environment where identity and access management is critical to protecting sensitive data and maintaining the integrity of trading systems.

#J-18808-Ljbffr…