IAM Engineer – Privileged Access & Secrets Management

Описание вакансии

Qube Research & Technologies (QRT) is a global quantitative and systematic investment manager, operating in all liquid asset classes across the world. We are a technology and data driven group implementing a scientific approach to investing. Combining data, research, technology, and trading expertise has shaped QRT’s collaborative mindset which enables us to solve the most complex challenges. QRT’s culture of innovation continuously drives our ambition to deliver high quality returns for our investors.

You will join the Identity and Access Management team, responsible for safeguarding QRT’s systems and data by managing authentication, authorization, and privileged access controls. The team works closely with infrastructure, application, and security specialists to enforce least privilege principles and maintain compliance with security standards.

Your future role within QRT includes:

Privileged Access Management (PAM)

• Lead the deployment, configuration, and operation of PAM tools (e.g., CyberArk, BeyondTrust).Define and enforce policies for privileged account usage, session monitoring, and credential rotation.

Collaborate with system owners to onboard privileged accounts and enforce least privilege principles.

Monitor and audit privileged access activities, investigate anomalies, and support incident response.

Maintain documentation and evidence for internal and external audits related to privileged access.

Secrets Management

• Implement and manage secrets management platforms (e.g., HashiCorp Vault, AWS Secrets Manager).
• Define secure storage, access, and rotation policies for application secrets, API keys, and credentials.
• Integrate secrets management tools with CI/CD pipelines, cloud platforms, and enterprise applications.
• Ensure secrets are managed in accordance with regulatory and internal security requirements.

Access Control & Directory Services

• Support role-based access control (RBAC) implementation across Active Directory and cloud environments.
• Remediate and maintain AD group structures to align with access policies.
• Collaborate with IT and application teams to enforce authentication and authorization standards.

Compliance & Governance

• Assist in periodic access reviews and privileged account certifications.
• Ensure PAM and secrets management practices align with ISO 27001, GDPR, and other regulatory frameworks.
• Contribute to audit readiness and provide evidence for compliance assessments.

Security Operations & Incident Support

• Respond to identity-related security incidents involving privileged accounts or secrets exposure.
• Monitor alerts and logs from PAM and secrets management platforms.
• Support forensic investigations and remediation efforts.

Continuous Improvement

• Stay current with developments in PAM and secrets management technologies.
• Recommend enhancements to access control strategies and tooling.
• Participate in IAM program initiatives and roadmap activities.

Your Present Skillset

• 5+ years of experience in identity and access management with focus on PAM and secrets management
• Hands-on expertise with CyberArk, HashiCorp Vault, or similar platforms
• Experience with cloud platforms (AWS, Azure) and their native IAM/secrets services
• Strong understanding of RBAC, authentication protocols (SAML, OAuth), and directory services
• Proficiency in scripting (e.g. PowerShell, Python) for automation and integration
• Familiarity with compliance frameworks such as ISO 27001 and GDPR
• Strong communication and documentation skills
• Relevant certifications (CyberArk Defender, HashiCorp Vault Associate, CISSP, CISM) are an advantage

 QRT is an equal opportunity employer. We welcome diversity as essential to our success. QRT empowers employees to work openly and respectfully to achieve collective success. In addition to professional achievement, we are offering initiatives and programs to enable employees achieve a healthy work-life balance.