Identity & PAM Security Engineer

Identity & PAM Security Engineer (Remote)

Sporty Group is seeking a skilled Identity & PAM Security Engineer to join our remote-first team. You will play a crucial role in ensuring the security, stability, and scalability of our software systems and infrastructure by focusing on identity security controls across the enterprise.

About the Role

This position is responsible for designing, implementing, and managing identity security controls, with a strong emphasis on privileged access management, identity governance, service account security, and conditional access. You will collaborate closely with Security, Infrastructure, and Engineering teams to ensure secure and governed access to critical systems and resources, adhering to least-privilege principles.

Key Responsibilities

• Manage privileged access controls, including Privileged Identity Management (PIM), just-in-time (JIT) access, approval workflows, and privileged role assignments.
• Define and maintain administrative access processes for high-risk roles, privileged sessions, and break-glass accounts.
• Lead and support access review processes, track remediation, and ensure access rights align with least-privilege principles.
• Manage the lifecycle of service and machine accounts, including ownership, permissions, credential rotation, monitoring, and decommissioning.
• Configure, maintain, and monitor conditional access policies, multi-factor authentication (MFA), and identity risk controls.
• Design and implement automation for identity workflows, approvals, access validation, reporting, and remediation.
• Collaborate with Security, Infrastructure, and Engineering teams to enhance identity security in cloud and enterprise environments.
• Support security audits, incident response, and identity-related investigations.
• Contribute to the continuous improvement of identity governance, privileged access management, and security operations practices.

Requirements

• 4+ years of experience in Identity and Access Management (IAM), Cloud Security, Infrastructure Security, or Security Engineering.
• Hands-on experience administering and securing Microsoft Entra ID and Google Cloud IAM environments.
• Strong understanding of identity security concepts: least privilege, role-based access control (RBAC), MFA, conditional access, access governance, and privileged access management.
• Experience managing service accounts, machine identities, secrets, API keys, and credential rotation processes.
• Experience building automation using workflow management platforms, APIs, PowerShell, Python, or similar technologies.
• Strong analytical and problem-solving skills with a security-first mindset.
• Excellent documentation, communication, and stakeholder management skills.
• Ability to work effectively in a fast-paced, distributed environment.

Desired Skills

• Experience implementing or operating Privileged Access Management (PAM) solutions at scale.
• Familiarity with Identity Governance and Administration (IGA) frameworks and best practices.
• Experience integrating identity security controls into cloud-native environments and automation pipelines.
• Exposure to security monitoring, SIEM platforms, or log analysis tools.
• Relevant certifications (e.g., SC-300, AZ-500, CISSP, CCSP).

What We Offer

• Competitive salary with individual performance-based bonuses every quarter.
• 28 days paid annual leave.
• Core working hours of 10 am - 3 pm in your local time zone, with flexibility.
• Referral bonuses and flash bonuses.
• Top-of-the-line equipment.
• Annual company retreats for global connection and collaboration.
• A remote-first company culture focused on sustainability.

We review every application and aim to respond within 48 hours. If you are passionate about identity security and meet these qualifications, we encourage you to apply.