The Senior PBAC Engineer helps architect, deploy and operate a secure application infrastructure that aligns with business needs. The position is responsible for developing security solutions at scale and with resiliency to support business initiatives. In this role, the Senior IAM Engineer will focus on pBAC / PBAC (Policy-Based Access Control) capabilities, including centralized policy decisioning, distributed policy enforcement integration, attribute/context aggregation, and auditability to meet security and compliance expectations. Req# [redacted] Responsibilities Be self-driven with minimal daily oversight required Design and build security solutions Design and implement security architectures and strategies to safeguard information system resources and assets Ensure integration of technology that upholds the Information Security policies and standards, as well as meets firm business objectives Mentor fellow team members and other associates in security best practices Maintain awareness of security technology direction, trends, and related issues Develop long-term strategy for supported security systems Design and implement pBAC / PBAC platform components, including a central Policy Decision Point (PDP) with high availability, performance, and scale Enable distributed Policy Enforcement Points (PEPs) by integration of enforcement with API gateways, SSO platforms, and target applications as needed Coordinate attribute aggregation across identity, risk, device, transaction, location, and other enterprise data sources required for policy decisions Implement audit & compliance pipelines by streaming PBAC decision logs to SIEM/compliance dashboards and support of reporting needs Support delegated administration workflows and governance models for policy control across business units, IT, risk, and compliance stakeholders Requirements 7+ years of experience with pBAC / PBAC implementations, including platform onboarding, policy lifecycle management, and integration patterns for policy decisioning and enforcement (PDP/PEP model) Experience with implementation of PBAC across pilot applications and scaling to broader adoption, including policy development and enforcement integration into applications and/or gateways Proficiency in JavaScript, Java or Python General knowledge of Active Directory (AD) or other LDAP Directory Services, Intrusion Detection, Security Policies / GPOs, Operating System (OS) hardening, Single Sign-on (SSO), Federation (SAML and/or OIDC), Multi-Factor Authentication (MFA), Certificates/Public Key Infrastructure (PKI), Identity Management concepts, Cloud Technology and device authentication a plus