Identity Platform Engineer

The DevSecOps Engineer will play a pivotal role in integrating robust security practices throughout the DevOps lifecycle with a primary emphasis on identity and access management (IAM) using Microsoft Entra ID (formerly Azure AD). This role is responsible for designing and implementing secure automation pipelines enforcing leastprivilege and Zero Trust access controls and managing enterprise identity governance to meet both organizational and regulatory compliance requirements.

In addition to strong Entra ID expertise the ideal candidate will bring handson experience with GCP pipeline deployment infrastructure-as-code (IaC) and custom agent development to enhance cloud security observability policy enforcement and workload protection across cloud environments.

• Implement and manage emerging Microsoft Entra ID security controls also including Conditional Access Identity Protection Privileged Identity Management (PIM) Identity Governance and adaptive MFA policies across enterprise workloads.
• Leverage emerging Entra technologies such as Entra Agent ID Entra Workload ID Identity Governance lifecycle workflows and Zero-Trust deploymentsto strengthen identity protection automate governance and modernize access strategies.
• Continuously evaluate new features in Microsoft Entra ID and GCP IAM providing architectural recommendations and integrating relevant capabilities into enterprise DevSecOps workflows.
• Design and integrate security tooling into CI/CD pipelines using GitHub Actions and GCP Cloud Build to ensure automated code scanning dependency security secrets scanning and policy enforcement.
• Develop secure automated pipelines on the GCP platform enabling continuous compliance validation vulnerability scanning and policy-as-code deployment for cloud workloads and containerized environments.
• Automate identity and security configuration using scripting and IaC tools such as Terraform Ansible and ARM templates with multi-cloud pipeline support for Azure and GCP.
• Build and maintain custom security agents and automation workflows to enhance identity telemetry enforce real-time access policies and standardize cloud security controls across environments.
• Conduct regular reviews of roles permissions service principals workload identities and application registration security ensuring least-privilege access and Zero Trust alignment.
• Collaborate with engineering teams to perform secure code reviews threat modeling vulnerability assessments and provide remediation guidance during development and deployment cycles.
• Develop dashboards reports and automation for identity compliance audit readiness and IAM security posture using tools like Azure Monitor GCP Looker Sentinel and BigQuery.

• Strong technical troubleshooting and strategical skills to build emerging technology solutions at scale.
• 36 years of experience in DevOps SecOps or Cloud Security Engineering roles.
• Strong hands-on experience with Microsoft Entra ID (AuthN Protocols Conditional Access PIM Identity Protection Graph API and automation).
• Lead GCP cloud deployments and build scalable secure automation pipelines leveraging Cloud Build Cloud Deploy Artifact Registry and GCP-native IaC to support continuous delivery compliance automation and multi-cloud DevSecOps workflows.
• Experience with IaC: Terraform Bicep or ARM templates.
• Knowledge of container security Kubernetes and cloud-native security patterns.
• Solid understanding of Zero Trust principles IAM and identity lifecycle management.
• Familiarity with vulnerability management tools and SAST/DAST integrations (42Crunch CheckmarX and FOSSA)
• Microsoft Azure certifications (e.g. AZ-500 SC-300 AZ-104 AZ-305) are a strong plus.