Information Security Support Engineer

Description

We are seeking an Identity Remediation & Onboarding Analyst to join our Information Security team, supporting identity and access remediation initiatives across the firm. We are partnering with our CyberArk and Linux engineering teams to secure sudo access and transition users with elevated privileges to passwordless SSH sessions using CyberArk. The contractor will coordinate across technical and business stakeholders, help define and manage the migration schedule, track progress, and support issue resolution throughout the rollout. If capacity allows, this role may also support service account remediation efforts, including onboarding service accounts into CyberArk, coordinating appropriate Safe access configurations, and ensuring proper password rotation controls are implemented.

What we offer

• Global Relocation - (Relocation options; Experience in an international environment; Cross-cultural experience)

• Recognition and Evaluation - (Feedback culture; Regular appraisals)

• Time Off - (Annual holiday - 20 or 26 days. The duration of the leave depends on the overall seniority; Occasional leave - 1 or 2 days/ depending on the circumstances; Child care leave - 2 days or 16 hours per year; Absence due to force majeure - 2 days or 16 hours per year; Maternity Leave - 20 weeks; Parental Leave - 41 weeks; Paternity Leave - 14 days)

• Luxoft Training Center - (Expert-led tech courses covering basic to advanced topics; Internal instructor-led soft skills courses; Comprehensive in-house self-learning resources for both soft and hard skills; Access to external self-learning libraries like ProQuest eBook and Udemy for Business; Cloud Programs: MS Cloud Academy, AWS Partner Academy, Google Cloud Academy; Custom Learning Programs: upskilling, reskilling, technical mentorship; Leadership Programs for Managers)

• Well-being and Work-life Balance - (Multisport card; Possibility to order Multisport card at the corporate rate for family members; LuxGood Program: wellbeing seminars, contests, relaxation sessions, yoga sessions, etc.; One Team Program: Buddy for each New Joiner; seminars, meeting and workplace space to support integration with local community and culture; “Hire me” workshops for partners; Preferential banking offer; Preferential car leasing offer; Cafeteria program discounts for shops, cinema tickets, holiday offers; Luxoft Social Benefit Fund: sport and recreation benefits, the possibility to receive financial support)

• Health Care - (Private Healthcare Insurance with unlimited access to specialists; Full dental support; Travel Insurance; Possibility to add private healthcare coverage for family members at the corporate rate; Life insurance at the corporate rate for employees and family members, including payment of the basic package for the employee by the employer; Reimbursement for corrective glasses)

• Company Events and Friendly Environment - (Many fun social activities organized by the Luxoft team offline in your city; Online entertainment events for whole company and local team events; A workplace where you’re treated with respect within a multicultural team)

• Internal Mobility - (Rotation between projects and accounts; New career opportunities)

• Self-Learning Library

• CSR Projects

Other

• Languages: English: B2 Upper Intermediate

• Seniority: Regular

Requirements

• Minimum of 3 years of professional experience in Identity & Access Management (IAM), information security, identity operations, or a related technology role.

• Hands-on CyberArk experience

• Linux knowledge

• Hands-on experience executing identity lifecycle management, account remediation, or access cleanup initiatives within an enterprise environment.

• Practical experience working with Identity Governance & Administration (IGA) solutions such as SailPoint, including onboarding applications or supporting entitlement management processes.

• Working knowledge of Active Directory, group-based access models, and service account management.

• Experience supporting privileged account onboarding or working with Privileged Access Management (PAM) solutions (e.g., CyberArk or similar).

• Demonstrated understanding of identity hygiene principles, least-privilege design, service account risk management, and access control best practices.

• Experience supporting remediation tracking and audit-related validation activities, including production of audit-ready evidence.

• Proven ability to analyze large access and entitlement datasets (e.g., access extracts, entitlement listings, reconciliation reports) to identify control gaps and prioritize corrective actions.

• Strong organizational skills with the ability to manage multiple remediation workstreams and drive issues through closure.

• Clear written and verbal communication skills, with the ability to coordinate remediation and onboarding efforts across global stakeholders.

• Hands-on experience leveraging AI tools or large language models to automate repeatable analysis, documentation, or reconciliation activities.

• Commitment to the highest ethical standards.

• n/a

Responsibilities

• Execute identity remediation initiatives across critical systems, eliminating orphaned accounts, stale access, excessive privileges, and unmanaged service accounts.

• Perform hands-on cleanup and risk reduction across accounts, entitlements, and privileged access in alignment with firm standards.

• Drive service account security improvements, including remediation of clear-text passwords, credential vaulting and rotation, ownership validation, and enforcement of lifecycle controls.

• Support onboarding of applications and privileged accounts into the firm's Identity Governance & Administration (IGA) solution, and Privileged Access Management platforms in alignment to firm's access control requirements.

• Reduce administrative access across critical platforms by identifying excessive privileged access and implementing least-privilege controls.

• Strengthen group and entitlement governance by simplifying complex group structures and aligning them to standardized access models.

• Partner with application, infrastructure, and engineering teams to implement access changes and close control gaps.

• Track remediation efforts through completion, maintaining audit-ready documentation and measurable evidence of risk reduction.

• Monitor shared mailboxes and ticketing queues related to remediation and onboarding activities, ensuring timely response, prioritization, and escalation.

• Leverage AI tools and large language models to automate repeatable analysis, reconciliation, and documentation tasks.