NCR Voyix Corporation is a leading global provider of digital commerce solutions for the retail, restaurant, and banking industries. They are seeking an Information Security Engineer to enhance identity and access security controls, manage Privileged Access Management (PAM) capabilities, and drive improvements in CyberArk onboarding and credential management.
Own day-to-day reliability, security, and lifecycle management of CyberArk components and integrations (configuration, upgrades, health monitoring, and break-fix)
Define and maintain operational standards (onboarding patterns, safe design, naming/metadata, rotation policies, and access workflows) to ensure consistency and auditability
Lead onboarding and lifecycle management for privileged accounts (human and non-human), including service accounts, application secrets, and automation identities
Design and implement password/secret rotation strategies and work with application owners to ensure credential consumers are compatible with rotation and failover
Configure and maintain privileged session access controls, including approvals, just-in-time access patterns (where applicable), session monitoring/recording, and least-privilege enforcement
Perform PAM discovery activities and prioritize remediation of unmanaged privileged access
Implement and troubleshoot integrations between CyberArk and enterprise platforms (e.g., directory services, endpoints/servers, CI/CD, and key application stacks)
Develop and maintain automation (PowerShell/Python) for onboarding, rotation validation, reporting, and operational tasks; contribute to reusable templates and standards
Produce and maintain audit-ready evidence for privileged access controls (e.g., onboarding approvals, rotation success, access reviews, session logs) and support internal/external audits
Identify gaps in privileged access controls, drive remediation plans, and track improvements through measurable operational metrics
Partner with engineering teams to apply least-privilege and credential management patterns for AI/automation identities (e.g., API keys, service principals, tokens) used by scripts, bots, and AI-assisted workflows
Define and implement controls to reduce AI-related identity risk (secret sprawl, over-privileged tokens, unmanaged credentials), including logging, rotation, and break-glass procedures
Provide Tier-3 support and technical leadership during PAM-related incidents; perform root cause analysis and implement corrective/preventive actions
Mentor junior engineers and contribute to knowledge transfer through runbooks, training, and peer reviews
Qualification
Required
Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent practical experience)
1โ3+ years of experience in Information Security, IAM, or security engineering with a strong focus on PAM
Hands-on experience implementing and operating CyberArk in enterprise environments (onboarding at scale, rotation, integrations, monitoring, and troubleshooting)
Demonstrated experience supporting audits and operating with strong change control and documentation discipline
Strong knowledge of privileged access concepts (least privilege, break-glass access, service accounts, just-in-time patterns, session monitoring/recording)
Windows and Linux administration fundamentals (credential usage, services/daemons, scheduling, permissions) and authentication protocols basics (e.g., LDAP/Kerberos/SSO concepts)
Scripting/automation skills in PowerShell and/or Python, with the ability to develop maintainable scripts and perform peer reviews
Ability to troubleshoot complex issues across applications, infrastructure, and integrations (logs, networking basics, and dependency mapping)
Working knowledge of GenAI and common enterprise AI adoption risks (data leakage, prompt injection, insecure plugins/tools, model/API access control), and the ability to translate these risks into practical identity and secrets-management controls
Familiarity with using AI-assisted tools responsibly for operational efficiency (triage, documentation, reporting) while ensuring sensitive data handling, logging, and policy compliance
Strong analytical and problem-solving skills
Excellent communication and collaboration abilities
Ability to work under pressure during critical incidents
Preferred
CyberArk certifications (e.g., Defender/Trustee) or equivalent hands-on mastery
AI security training/certification (e.g., vendor AI security fundamentals) or demonstrated experience supporting secure enterprise AI adoption
Security+ and/or higher-level certification such as SSCP, CISSP, or CISM (based on experience level)
Benefits
NCR Voyix is a provider of digital commerce solutions for the retail, restaurant, and digital banking industries.
Glassdoor
Founded in 1884
Atlanta, Georgia, USA
10001+ employees
https://www.ncrvoyix.com
NCR Voyix is a provider of digital commerce solutions for the retail, restaurant, and digital banking industries.
