Senior IAM Engineer – API Security/NHI

Rockwell Automation

IAM Engineer focusing on Non-Human and Machine Identity & Access Management with Rockwell Automation. Responsibilities include API security and centralized governance across the enterprise.

Posted 4/8/2026full-timePune • 🇮🇳 IndiaSeniorWebsite

Tech Stack

Tools & technologies

AWSCloudFirewallsSaltStackVault

About the role

Key responsibilities & impact

Design and implement Non‑Human and Machine Identity controls for service accounts, API tokens, application credentials, and CI/CD system identities.
Establish centralised secrets management using HashiCorp Vault (or equivalent), enforcing secure storage, automated rotation and expiration, auditing, and removal of hard‑coded credentials.
Define API authentication and authorization standards, including OAuth 2.0, OpenID Connect, JWT, and mTLS, with least‑privilege access models.
Design and enforce API security policies using API Gateway platforms (MuleSoft, Kong, Apigee, AWS API Gateway, or equivalent), including rate limiting, throttling, and traffic control.
Lead centralised API governance, covering API registration, lifecycle management, and policy enforcement by an enterprise API gateway.
Increase adoption of the centralised IAM and API security stack, establishing and operationalizing the enterprise API gateway.
Implement API logging and monitoring, ensuring we forward API and identity events to the enterprise SIEM for visibility and threat detection.
Partner with SOC, platform, DevOps, and application teams to detect API abuse, anomalous behaviour, and misconfiguration.
Maintain architecture standards and reference designs for API identity, secrets management, and non‑human access control.
Ensure understanding of industry standards such as OWASP API Security Top 10, NIST, GDPR, HIPAA, and PCI‑DSS.

Requirements

What you’ll need

Bachelor's degree in computer science, Engineering, or equivalent practical experience.
8–10+ years of experience in IAM, API Security, or Application Security, with a focus on Non‑Human and Machine Identities.
Hands‑on experience with API Gateway platforms such as MuleSoft, Apigee, Kong, or AWS API Gateway, postman, Salt Security cloud-native API discovery, including policy enforcement and traffic control.
1+ years experience with secrets management HashiCorp Vault, including token lifecycle management, rotation, and auditability.
Experience with API authentication and authorization using OAuth 2.0, OpenID Connect, JWT, and mTLS.
Experience with API discovery and non‑human identity inventory, including service accounts and API tokens.
Working knowledge of API security risks and controls, including OWASP API Security Top 10 and mitigation strategies.
Experience with network and API‑adjacent security concepts (WAF, firewalls, traffic inspection, rate limiting).

Benefits

Comp & perks

Comprehensive mindfulness programme with a premium membership to Calm.
Volunteer Paid Time off available after 6 months of employment for eligible employees.
Company volunteer and donation matching programme – The company matches your volunteer hours or personal cash donations to an eligible charity with a charitable donation.
Employee Assistance Program.
Personalised wellbeing programmes through our OnTrack programme.
On-demand digital course library for professional development.
... and other local benefits!

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

API SecurityIAMSecrets ManagementAPI AuthenticationAPI AuthorizationToken Lifecycle ManagementPolicy EnforcementTraffic ControlAPI LoggingMonitoring

Soft Skills

LeadershipCollaborationCommunicationProblem SolvingAnalytical Thinking

Certifications

Bachelor's Degree in Computer ScienceBachelor's Degree in Engineering