Job Description, Responsibilities & Requirements
About the Position
We are seeking a Senior PBAC Engineer to design and implement secure application infrastructures. This role involves developing scalable security solutions and ensuring compliance with business objectives.
Responsibilities
- Be self-driven with minimal daily oversight required
- Design and build security solutions
- Design and implement security architectures and strategies to safeguard information system resources and assets
- Ensure integration of technology that upholds the Information Security policies and standards, as well as meets firm business objectives
- Mentor fellow team members and other associates in security best practices
- Maintain awareness of security technology direction, trends, and related issues
- Develop long-term strategy for supported security systems
- Design and implement pBAC / PBAC platform components, including a central Policy Decision Point (PDP) with high availability, performance, and scale
- Enable distributed Policy Enforcement Points (PEPs) by integration of enforcement with API gateways, SSO platforms, and target applications as needed
- Coordinate attribute aggregation across identity, risk, device, transaction, location, and other enterprise data sources required for policy decisions
- Implement audit & compliance pipelines by streaming PBAC decision logs to SIEM/compliance dashboards and support of reporting needs
- Support delegated administration workflows and governance models for policy control across business units, IT, risk, and compliance stakeholders
Requirements
- 7+ years of experience with pBAC / PBAC implementations, including platform onboarding, policy lifecycle management, and integration patterns for policy decisioning and enforcement (PDP/PEP model)
- Experience with implementation of PBAC across pilot applications and scaling to broader adoption, including policy development and enforcement integration into applications and/or gateways
- Proficiency in JavaScript, Java or Python
- General knowledge of Active Directory (AD) or other LDAP Directory Services, Intrusion Detection, Security Policies / GPOs, Operating System (OS) hardening, Single Sign-on (SSO), Federation (SAML and/or OIDC), Multi-Factor Authentication (MFA), Certificates/Public Key Infrastructure (PKI), Identity Management concepts, Cloud Technology and device authentication a plus
We Offer
- Remote work in Canada
- Opportunity to work with a leading company in the industry
About the Company
EPAM Systems is a global software engineering and product development company. We deliver digital platforms and software products to Fortune 500 companies and leading startups.