About this Security Engineer, IAM & PAM role at Getmidas
What You’ll Do
Onboard all privileged accounts (human, service, and application accounts) across cloud, on-premise, and SaaS environments into the PAM platform, achieving full session isolation and automated credential rotation for critical assets.
Eliminate standing privileged access by designing and rolling out Just-in-Time (JIT) access and time-bound elevation workflows for critical systems, ensuring no permanently assigned admin roles exist in production environments.
Redesign and implement least-privilege RBAC for internal business applications, eliminating over-privileged role assignments, establishing complete role-to-team mapping, and operating automated access certification cycles.
Achieve comprehensive MFA and phishing-resistant authentication coverage for privileged and remote access, with conditional access policies enforced across all identity perimeters.
Automate the full Joiner-Mover-Leaver (JML) lifecycle across all identity sources, ensuring immediate deprovisioning for leavers and minimizing manual provisioning effort.
Discover, inventory, and vault all service accounts and secrets (API keys, tokens, certificates) across cloud and CI/CD pipelines, eliminating hard-coded credentials in code repositories through automated scanning and rotation.
Help the cyber defense team build identity threat detection & response (ITDR) capability by integrating IAM/PAM telemetry into the SIEM platform, achieving full alerting coverage for privileged session anomalies with rapid triage processes.
What You’ll Bring:
Strong experience with SSO/SAML/LDAP integrations, conditional access, identity governance
Hands-on experience with a PAM solution (CyberArk strongly preferred): safe management, PSM, CPM, onboarding privileged accounts
Solid understanding of authentication and authorization protocols
Familiarity with Turkish financial sector regulations (TCMB, SPK, KVKK) and audit processes is a strong plus
Experience with secrets management tools
Understanding of zero-trust principles, least privilege, and identity threat detection
Strong documentation skills in both Turkish and English; ability to produce audit-ready policy and procedure documents
Relevant certifications are a plus