RemoteLeaf Logo
Log in Sign up

Staff IAM Engineer, Non-Human Identity

2 months ago
United States
Full-time
Senior
Security Engineer
DevOps and Infrastructure
AWS Azure Bash CI/CD DevSecOps Encryption GCP HashiCorp Vault JWT Kubernetes OpenID Connect PowerShell Python SAML SIEM Terraform
Apply Now
SoFi

SoFi

SoFi specializes in providing a comprehensive financial platform that empowers individuals to achieve their financial goals through services such as student loan refinancing, debt consolidation, home buying assistance, and investment opportunities, all...

Capital Markets
1K-5K
Founded 2011
$2900M raised
View All Jobs 74

Description

  • Design, implement, and maintain a non-human identity framework for service accounts, API tokens, certificates, and machine credentials.
  • Implement centralized secrets management and integrate it with cloud and application environments.
  • Build integrations with CI/CD pipelines and cloud services to automate credential rotation and just-in-time provisioning.
  • Define tagging, ownership, and classification models for non-human identities.
  • Develop onboarding workflows for applications, workloads, and bots requiring secure authentication.
  • Automate the creation, rotation, deactivation, and certification of service accounts and API keys.
  • Partner with developers and DevOps teams to replace hard-coded credentials with secure vault-based solutions.
  • Establish lifecycle policies for key rotation, credential expiration, and certificate renewal.
  • Build automation and telemetry integrations to manage credentials, monitor access, and detect anomalous behavior.
  • Support audit, compliance, and incident response activities related to non-human identity governance and security.

Requirements

  • Bachelor’s degree in Computer Science, Cybersecurity, or a related discipline.
  • 3–6 years of experience in IAM, DevSecOps, or Security Engineering roles.
  • Hands-on experience with non-human identity or secrets management tools.
  • Familiarity with cloud IAM concepts such as AWS IAM Roles, Azure Managed Identities, and GCP Service Accounts.
  • Experience integrating IAM or secrets systems with CI/CD pipelines and DevOps tools.
  • Proficiency in automation and scripting with Python, PowerShell, or Bash.
  • Strong understanding of authentication standards including OIDC, OAuth 2.0, SAML, and JWT.
  • Knowledge of API security, key rotation policies, and service-to-service authentication.
  • Familiarity with container and workload identities such as Kubernetes, ECS, and Lambda.
  • Understanding of Zero Trust, machine identity, and certificate lifecycle management.
  • Preferred certifications include HashiCorp Certified Vault Associate, AWS Certified Security – Specialty, Okta Certified Professional or Administrator, and (ISC)² CIAM or CISSP.

Benefits

  • Base pay is determined by experience, skills, and location.
  • Access to SoFi’s comprehensive and competitive benefits package.
  • Equal employment opportunity for all applicants and employees.
  • Reasonable accommodations are available for candidates with physical or mental disabilities.
  • Remote work from Hawaii or Alaska is not currently accommodated due to insurance coverage issues.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Anduril Industries

Senior Cloud Security Engineer

Anduril Industries 1K-5K Aerospace & Defense

Anduril Industries is hiring a Security Engineer to build and operate defensive controls that protect the infrastructure supporting its advanced defense technology products.

United States Full-time Senior Security Engineer
$129k-$220k
AWS AWS CDK Azure CI/CD GCP Go Linux Network Security Python Rust Secrets Management Terraform
5 hours, 57 minutes ago
Kyivstar

SOC Engineer

Kyivstar 1K-5K Wireless Telecommunication Services

Kyivstar.Tech is hiring a SOC Engineer to strengthen its Security Operations team by improving monitoring, threat detection, and incident response processes for the company’s IT environment.

Ukraine Full-time Mid Level Security Engineer
Active Directory Cybersecurity Elasticsearch Linux SIEM Splunk
7 hours, 35 minutes ago
Eleos

Senior Security Engineer

Eleos 51-250 IT Services

Eleos Health is hiring a Senior Security Engineer to help secure its AI-driven, multi-cloud behavioral health platform by partnering closely with R&D on architecture, data protection, and security controls.

Israel Senior Security Engineer
AWS Azure CI/CD Encryption GCP LLM
8 hours, 27 minutes ago
SpaceX

Security Software Engineer (Starlink)

SpaceX 10K-50K Aerospace & Defense

SpaceX is hiring a Security Software Engineer for Starlink to design and improve security across its internet system, from software infrastructure to devices, factories, and connected services.

United States Full-time Mid Level Security Engineer Software Engineer
$130k-$180k
C C++ Go Network Security Python TCP/IP
8 hours, 53 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers