×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Data Security

IAM Engineer

Job in Helena, Lewis and Clark County, Montana, 59604, USA
Listing for: SoFi
Full Time position
Listed on 2026-06-13
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Position: Staff IAM Engineer

Who we are

Shape a brighter financial future with us. Together with our members, we’re changing the way people think about and interact with personal finance. We’re a next-generation financial services company and national bank using innovative, mobile-first technology to help our millions of members reach their goals. The industry is going through an unprecedented transformation, and we’re at the forefront. We’re proud to come to work every day knowing that what we do has a direct impact on people’s lives.

The Role

The Staff IAM Engineer is responsible for securing and managing all non-human identities including service accounts, application identities, machine credentials, APIs, bots, and workloads across on-prem, cloud, and crypto infrastructure. This role ensures that automated and machine-based identities follow the same governance, lifecycle, and least-privilege principles as human users. You will design systems that enable secure authentication, secrets management, and access provisioning for automated services, APIs, and Dev Ops pipelines.

This role directly protects sensitive financial data, crypto custody environments, and transaction systems from privilege misuse, credential leakage, and insider or supply chain threats.

What You’ll Do

Identity Architecture & Engineering

  • Design, implement, and maintain a Non-Human Identity (NHI) framework governing all service accounts, API tokens, certificates, and machine credentials.
  • Implement centralized secrets management using tools such as Hashi Corp Vault or AWS Secrets Manager.
  • Build integrations with CI/CD pipelines and cloud services (AWS, GCP, Azure) to enforce automated credential rotation and JIT provisioning.
  • Define and implement tagging, ownership, and classification models for non-human identities.
  • Develop scalable onboarding processes for applications, workloads, and bots that require secure authentication.

Lifecycle Management & Governance

  • Develop automated workflows for creation, rotation, deactivation, and certification of service accounts and API keys.
  • Partner with developers and Dev Ops to transition hard-coded credentials to secure vaults.
  • Establish policies for key rotation frequency, credential expiration, and certificate renewal.
  • Integrate NHI lifecycle into IAM governance tools (Okta).
  • Support quarterly access reviews and certification campaigns for non-human identities.

Automation & Integration

  • Build automation using APIs, Python, Power Shell, or Terraform to manage credentials and monitor access.
  • Integrate non-human identity telemetry into SIEM/SOAR platforms for anomaly detection.
  • Implement visibility dashboards to track total NHI inventory, owners, last use, and compliance status.
  • Deploy Just-in-Time (JIT) credential provisioning for ephemeral workloads and containers (Kubernetes, Lambda, ECS, etc.).

Security & Risk Management

  • Enforce least privilege and zero-trust principles for machine access.
  • Monitor for unused or excessive service accounts and remediate over-permissioned credentials.
  • Support incident response teams with forensics on compromised API keys or tokens.
  • Define detection logic for credential misuse or non-standard access patterns.
  • Partner with Application Security to integrate secure NHI handling into SDLC.

Compliance & Audit

  • Maintain audit trails for credential issuance, usage, and rotation events.
  • Produce compliance reports for SOX, SOC 2, PCI DSS, FFIEC, and crypto-custody audits.
  • Collaborate with internal audit and compliance teams to validate NHI control effectiveness.
  • Document architecture, data flows, SOPs, and exception processes for NHI management.

Innovation & Continuous Improvement

  • Evaluate emerging NHI management solutions (e.g., SPIFFE/SPIRE, workload identity federation, cloud-native secrets stores).
  • Lead proof-of-concepts to modernize credentialless or short-lived identity methods.
  • Advocate for security automation and the reduction of static credentials across the enterprise.
What You’ll Need

Education & Experience

  • Bachelor’s degree in Computer Science, Cybersecurity, or related discipline.
  • 3–6 years of experience in IAM, Dev Sec Ops , or Security Engineering roles.
  • Hands‑on experience with non‑human identity or secrets…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search