Principal Security Engineer

About the Role

Our recruitment team is partnering with a major enterprise organization to identify an experienced Security Engineering leader with deep expertise in privileged access and secrets management. Our client is a well‑established organization in the financial services sector, supporting critical operations within the broader trading and investment ecosystem

This position plays a critical role in advancing core identity security controls, enhancing automation, and drivingAI‑enabled improvements across a large and complex environment.

We are supporting our client in finding a professional who can provide operational leadership, influence architectural direction, and drive modernization across privileged access platforms. If you thrive in sophisticated enterprise environments and enjoy tackling difficult security challenges, this opportunity offers substantial impact and long‑term growth.

---

What You'll Do

• Provide 24x7 operational support and subject matter expertise for enterprise privileged access management (PAM) platforms and secrets management solutions (e.g., CyberArk, HashiCorp Vault, PKI, HSMs).
• Deliver break‑fix activities, troubleshoot platform issues, apply patches and hotfixes, and manage platform lifecycle tasks such as upgrades, version control, and configuration alignment with internal security standards.
• Serve as a primary technical authority for secrets management and PAM architecture, ensuring strong security‑as‑code practices across the environment.
• Build and enhance integrations between PAM systems and enterprise tooling, improving user experience and operational efficiency.
• Develop long-term engineering solutions leveraging automation and AI‑based approaches for faster detection, triage, and remediation of functional or technical issues.
• Collaborate with security architecture, cloud, and infrastructure teams to strengthen identity and access controls across on‑prem and cloud platforms.

---

Qualifications

Required Knowledge & Skills

• Strong understanding of authentication and authorization technologies (e.g., Active Directory, OAuth 2.0, OIDC, IAM, Kerberos, LDAP/LDAPS, certificates, Kubernetes access models).
• Working knowledge of cloud environments and CI/CD tooling such as Terraform, Ansible, and Jenkins.
• Solid grounding in security architecture concepts: confidentiality, integrity, availability.

Technical Expertise

• Hands‑on experience supporting or engineering one or more of the following:
  • CyberArk
  • HashiCorp Vault
  • PKI / ADCS
  • Hardware Security Modules (HSMs)
• Advanced scripting or engineering skills in Go, Python, Bash, PowerShell, Terraform, or Ansible.
• Deep understanding of PAM methodologies for both on‑prem and cloud-based implementations.

Experience

• Background in security engineering, operations, software development, or security architecture.
• Experience supporting privileged access or secrets management programs.
• Familiarity with AI-assisted development tools (OpenAI-based agents, Claude Code, Gemini CLI, etc.).

---

Work Environment & Growth

• Highly collaborative culture with strong cross-team engagement.
• Exposure to modern security tools, enterprise-scale architecture, and emerging technologies.
• Opportunity to lead major automation initiatives and platform modernization efforts.