Lead Principal Security Engineer
Glocomms are partnering with a large, highly regulated financial organization on a Leadâlevel Security Engineering position that sits at the center of their identity, automation, and privileged access programs. This is a highâimpact role for someone who wants to step into a technical leadership seat while still staying handsâon with modern security engineering, cloud identity, and privileged access tools. The team is scaling, investing heavily in automation, and modernizing how they protect highâvalue systems across both onâprem and cloud environments.
This role will give you the chance to own major security engineering initiatives-driving improvements to PAM infrastructure, designing secure authentication flows, and helping the organization move toward more automated, resilient, and intelligenceâdriven security architecture. You'll work closely with engineering, cloud, IAM, and compliance teams, acting as a subjectâmatter expert across privileged access management, secrets management, and core identity technologies.
What You'll Be Doing:
- Lead operational and engineering support for privileged access platforms, including breakâfix, patching, lifecycle management, and strengthening secrets governance.
- Build and optimize secure authentication and authorization workflows across technologies like AD, OAuth2.0, OIDC, certificates, IAM policies, Kerberos, LDAPS, and more.
- Drive automation across PAM and identity systems using Python, Terraform, and CI/CD tooling to improve reliability and reduce manual work.
- Implement enhancements and longâterm architecture improvements designed to stabilize, scale, and modernize how privileged access is delivered across hybrid compute environments.
- Partner with teams across security, cloud, and infrastructure to develop AIâassisted detection, faster remediation processes, and improved visibility into privileged user activity.
- Troubleshoot complex issues across cloud, onâprem, and hybrid authentication systems; support platform upgrades; and strengthen the overall engineering posture of the environment.
What They're Looking For:
- Handsâon experience with PAM platforms such as CyberArk, HashiCorp Vault, Strong understanding of authentication and identity systems-AD, IAM, certificates, Kerberos, tokenâbased auth, and modern cloud identity patterns.
- Experience with scripting or automation using Python, Go, Bash, PowerShell, or similar languages.
- Familiarity with Terraform, CI/CD pipelines, or infrastructureâasâcode concepts.
- A background in security engineering, security operations, development, or architecture within midâtoâlarge scale environments.
- Someone who enjoys technical ownership, problem solving, and driving improvements across core security systems.
Work Model: Hybrid - 3 days onsite
Compensation: $145K - $236K base + bonus
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your CV and details on file so when we see similar roles or see skillsets that drive growth in organisations, we will always reach out to discuss opportunities.
Yes. Even if this role isnât a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.
That's why we recommend registering your CV so you can be considered for roles that have yet to be created.
Yes, we help with CV and interview preparation. From customised support on how to optimise your CV to interview preparation and compensation negotiations, we advocate for you throughout your next career move.