Full Job Description
The Senior PBAC Engineer is responsible for architecting, deploying, and operating secure application infrastructure that aligns with business needs. This role focuses on developing scalable and resilient security solutions to support business initiatives. Req# [redacted] Responsibilities Design and build security solutions with minimal daily oversight Develop and implement security architectures and strategies to safeguard information systems and assets Ensure technology integration complies with Information Security policies, standards, and business objectives Mentor team members and associates in security best practices Stay current with security technology trends and related issues Develop long-term strategies for supported security systems Design and implement PBAC platform components, including a central Policy Decision Point (PDP) with high availability, performance, and scalability Integrate distributed Policy Enforcement Points (PEPs) with API gateways, SSO platforms, and target applications Coordinate attribute aggregation across identity, risk, device, transaction, location, and other enterprise data sources for policy decisions Implement audit and compliance pipelines by streaming PBAC decision logs to SIEM/compliance dashboards and supporting reporting needs Support delegated administration workflows and governance models for policy control across business units, IT, risk, and compliance stakeholders Requirements 7+ years of experience with PBAC implementations, including platform onboarding, policy lifecycle management, and integration patterns for policy decisioning and enforcement (PDP/PEP model) Experience implementing PBAC across pilot applications and scaling to broader adoption, including policy development and enforcement integration into applications and/or gateways Proficiency in JavaScript, Java, or Python General knowledge of Active Directory (AD) or other LDAP Directory Services, Intrusion Detection, Security Policies/GPOs, OS hardening, Single Sign-On (SSO), Federation (SAML and/or OIDC), Multi-Factor Authentication (MFA), Certificates/Public Key Infrastructure (PKI), Identity Management concepts, Cloud Technology, and device authentication