Security Engineer

  • Posted: 04/03/2025
  • Salary: -
  • Location: Woking, Greater London, United Kingdom
  • Job Type: Contract

Location: London (2 days hybrid)
Duration: 6 months



About the Role

We are seeking a Senior IAM & Cloud Security Engineer with deep expertise in ForgeRock IAM solutions, AWS security, cryptographic protocols, and DevSecOps. This role involves designing, securing, and scaling enterprise IAM and CIAM solutions, embedding security-by-design principles, and proactively mitigating evolving cyber threats.

Key Responsibilities

  • Architect, configure, and deploy ForgeRock IAM solutions (PingGateway, PingAM, PingIDM, PingDS) with embedded security gates, token encryption, and access control mechanisms.

  • Implement AWS security controls, policies, and automation for cloud-native IAM and security solutions.

  • Secure microservices, APIs, and DevSecOps integrations using advanced cryptographic protocols, PKI, HSMs, and secure key lifecycle management.

  • Automate security workflows using GitLab CI/CD, AWS CLI, and Chef.

  • Manage certificate lifecycle (rotation, revocation, renewal) and integrate HSM and CSM tools for enterprise security.

  • Conduct penetration testing, threat modeling, forensic analysis, and work with SOC operations to defend against cyber threats.

  • Partner with engineering, product, and CISO teams to embed security principles into the DevSecOps lifecycle.

  • Lead vulnerability scanning, risk mitigation, and security patching efforts, working with vendors to ensure compliance.

  • Communicate security risks and mitigation strategies to executive leadership.

Required Skills & Experience

5+ years hands-on experience with ForgeRock IAM solutions (PingGateway, PingAM, PingIDM, PingDS) in enterprise environments.
✅ Expertise in AWS security, including IAM policies, CLI tools, and automation.
✅ Strong knowledge of RBAC, ABAC, OAuth2, OIDC, PKI, WebAuthN, and cryptographic security.
✅ Hands-on experience with HSMs, CSMs, token encryption, data-at-rest encryption, and HTTP header signing.
✅ Experience in penetration testing, vulnerability scanning, and security patching.
✅ Strong coding experience in JavaScript, Java, Python for security automation and IAM scripting.
✅ Experience with GitLab CI/CD, AWS CLI, Chef, and security automation.
10+ years of hands-on security engineering, threat modeling, and forensic analysis.
PKI-based self-sovereign identity experience is a plus.
✅ Open-source contributions are a plus.

Certifications & Training

  • Certification or proof of completion of ForgeRock Deep-Dive “4xx” training courses preferred.

Kerry Demetriou Global Director - Strategic Solutions

Apply for this role