Security Engineer
- Posted: 04/03/2025
- Salary: -
- Location: Woking, Greater London, United Kingdom
- Job Type: Contract
Location: London (2 days hybrid)
Duration: 6 months
About the Role
We are seeking a Senior IAM & Cloud Security Engineer with deep expertise in ForgeRock IAM solutions, AWS security, cryptographic protocols, and DevSecOps. This role involves designing, securing, and scaling enterprise IAM and CIAM solutions, embedding security-by-design principles, and proactively mitigating evolving cyber threats.
Key Responsibilities
- Architect, configure, and deploy ForgeRock IAM solutions (PingGateway, PingAM, PingIDM, PingDS) with embedded security gates, token encryption, and access control mechanisms.
- Implement AWS security controls, policies, and automation for cloud-native IAM and security solutions.
- Secure microservices, APIs, and DevSecOps integrations using advanced cryptographic protocols, PKI, HSMs, and secure key lifecycle management.
- Automate security workflows using GitLab CI/CD, AWS CLI, and Chef.
- Manage certificate lifecycle (rotation, revocation, renewal) and integrate HSM and CSM tools for enterprise security.
- Conduct penetration testing, threat modeling, forensic analysis, and work with SOC operations to defend against cyber threats.
- Partner with engineering, product, and CISO teams to embed security principles into the DevSecOps lifecycle.
- Lead vulnerability scanning, risk mitigation, and security patching efforts, working with vendors to ensure compliance.
- Communicate security risks and mitigation strategies to executive leadership.
Required Skills & Experience
✅ 5+ years hands-on experience with ForgeRock IAM solutions (PingGateway, PingAM, PingIDM, PingDS) in enterprise environments.
✅ Expertise in AWS security, including IAM policies, CLI tools, and automation.
✅ Strong knowledge of RBAC, ABAC, OAuth2, OIDC, PKI, WebAuthn, and cryptographic security.
✅ Hands-on experience with HSMs, CSMs, token encryption, data-at-rest encryption, and HTTP header signing.
✅ Experience in penetration testing, vulnerability scanning, and security patching.
✅ Strong coding experience in JavaScript, Java, and Python for security automation and IAM scripting.
✅ Experience with GitLab CI/CD, AWS CLI, Chef, and security automation.
✅ 10+ years of hands-on security engineering, threat modeling, and forensic analysis.
✅ PKI-based self-sovereign identity experience is a plus.
✅ Open-source contributions are a plus.
Certifications & Training
- Certification or proof of completion of ForgeRock Deep-Dive “4xx” training courses preferred.
