Sr Specialist Cybersecurity – Non-Human Identity (NHI) Engineer - Account/Service/Secret Management

AT&T · Telecom · IND:KA:Bangalore +1

This role focuses on designing, implementing, and managing identity and access management (IAM) solutions for non-human entities within a cybersecurity context. While the role involves leveraging AI/ML tools and understanding AI concepts for cybersecurity applications like anomaly detection and threat hunting, its core function is IAM engineering, not the development or deployment of AI models themselves. The primary focus is on securing applications, devices, APIs, and service accounts, with AI/ML being a supporting technology for enhancing these security operations.

What you'd actually do

  1. Develop and maintain scalable architectures for non-human identity lifecycle management, including provisioning, rotation, and decommissioning.
  2. Automate identity provisioning and deprovisioning processes for applications, devices, and services using IAM tools and scripts.
  3. Define and enforce policies for authentication and authorization of non-human identities, including privileged access management (PAM) for service accounts and secrets management.
  4. Integrate IAM solutions with cloud platforms, CI/CD pipelines, DevOps tools, and third-party APIs to ensure seamless identity management.
  5. Implement security controls, auditing, and monitoring for non-human identities to ensure compliance with regulatory requirements and internal policies.

Skills

Required

  • Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)
  • 10+ years of experience in identity and access management (IAM), with a focus on non-human identities (applications, APIs, devices, bots)
  • Strong understanding of authentication protocols (OAuth2, SAML, OpenID Connect), certificate management, and secrets management
  • Experience with IAM tools (e.g., Azure AD, AWS IAM, HashiCorp Vault, CyberArk, OASIS, SailPoint)
  • Exposure to IAM concepts: IGA, PAM, RBAC/ABAC, MFA, directory services
  • Proficiency in scripting or programming languages (Python, PowerShell, Bash, etc.) for automation
  • Familiarity with cloud environments (AWS, Azure, GCP), IAM for SaaS products (ServiceNow, Snowflake, Oracle Financials, etc.), and DevOps toolchains

Nice to have

  • Experience with zero trust architectures and least-privilege access models
  • Knowledge of regulatory and compliance frameworks (e.g., NIST, ISO, SOC2)
  • Strong troubleshooting and analytical skills
  • Excellent communication and documentation abilities
  • Familiarity with applying Artificial Intelligence (AI) or Machine Learning (ML) techniques in cybersecurity contexts
  • Experience leveraging AI-enabled tools (such as Copilot for Security, Darktrace, CrowdStrike Charlotte AI, or custom LLM integrations) to enhance detection, response, and automation workflows
  • Understanding of LLM safety, prompt engineering, or AI governance frameworks (e.g., NIST AI RMF, EU AI Act readiness)
  • Exposure to data science fundamentals relevant to security (pattern recognition, supervised vs. unsupervised learning, model validation)
  • Awareness of AI-driven risks (e.g., adversarial ML, data poisoning, model hallucination) and their mitigation within enterprise environments
  • Interest in leveraging GenAI for security operations, such as summarizing alerts, drafting reports, or automating incident triage

What the JD emphasized

  • 10+ years of experience in identity and access management (IAM), with a focus on non-human identities (applications, APIs, devices, bots)