Rockwell Automation

Senior IAM Engineer – API Security/NHI

full-time

Location Type: Hybrid

Location: Pune, India

About the role

  • Design and implement Non‑Human and Machine Identity controls for service accounts, API tokens, application credentials, and CI/CD system identities.
  • Establish centralised secrets management using HashiCorp Vault (or equivalent), enforcing secure storage, automated rotation and expiration, auditing, and removal of hard‑coded credentials.
  • Define API authentication and authorization standards, including OAuth 2.0, OpenID Connect, JWT, and mTLS, with least‑privilege access models.
  • Design and enforce API security policies using API Gateway platforms (MuleSoft, Kong, Apigee, AWS API Gateway, or equivalent), including rate limiting, throttling, and traffic control.
  • Lead centralised API governance, covering API registration, lifecycle management, and policy enforcement by an enterprise API gateway.
  • Increase adoption of the centralised IAM and API security stack, establishing and operationalizing the enterprise API gateway.
  • Implement API logging and monitoring, ensuring we forward API and identity events to the enterprise SIEM for visibility and threat detection.
  • Partner with SOC, platform, DevOps, and application teams to detect API abuse, anomalous behaviour, and misconfiguration.
  • Maintain architecture standards and reference designs for API identity, secrets management, and non‑human access control.
  • Ensure understanding of industry standards such as OWASP API Security Top 10, NIST, GDPR, HIPAA, and PCI‑DSS.

Requirements

  • Bachelor's degree in Computer Science, Engineering, or equivalent practical experience.
  • 8–10+ years of experience in IAM, API Security, or Application Security, with a focus on Non‑Human and Machine Identities.
  • Hands‑on experience with API Gateway platforms such as MuleSoft, Apigee, Kong, or AWS API Gateway, as well as Postman and Salt Security cloud-native API discovery, including policy enforcement and traffic control.
  • 1+ years of experience with secrets management using HashiCorp Vault, including token lifecycle management, rotation, and auditability.
  • Experience with API authentication and authorization using OAuth 2.0, OpenID Connect, JWT, and mTLS.
  • Experience with API discovery and non‑human identity inventory, including service accounts and API tokens.
  • Working knowledge of API security risks and controls, including OWASP API Security Top 10 and mitigation strategies.
  • Experience with network and API‑adjacent security concepts (WAF, firewalls, traffic inspection, rate limiting).

Benefits

  • Comprehensive mindfulness programme with a premium membership to Calm.
  • Volunteer Paid Time off available after 6 months of employment for eligible employees.
  • Company volunteer and donation matching programme – The company matches your volunteer hours or personal cash donations to an eligible charity with a charitable donation.
  • Employee Assistance Program.
  • Personalised wellbeing programmes through our OnTrack programme.
  • On-demand digital course library for professional development.
  • ... and other local benefits!

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

  • API Security
  • IAM
  • Secrets Management
  • API Authentication
  • API Authorization
  • Token Lifecycle Management
  • Policy Enforcement
  • Traffic Control
  • API Logging
  • Monitoring

Soft Skills

  • Leadership
  • Collaboration
  • Communication
  • Problem Solving
  • Analytical Thinking

Certifications

  • Bachelor's Degree in Computer Science
  • Bachelor's Degree in Engineering