Senior Software Engineer - Identity & Privileged Access Management
Used Tools & Technologies
Not specified
Required Skills & Competences
Tag name is followed by "@" symbol and proficiency level value.
About proficiency levels:
- 1-2 — basic awareness. Minimal hands-on experience, and a rudimentary understanding of the technology's purpose;
- 3-6 — daily use. Comfortable and regular usage, capable of handling common tasks and challenges related to the technology;
- 7-9 — you are an expert, you can teach others, you know all the pitfalls and tricks;
- 10 — exceptional knowledge, comprehensive understanding, and adeptness in all aspects of the technology, including advanced problem-solving. Think twice before claiming or demanding such level.
Security @ 4
Software Development @ 4
Ansible @ 4
Go @ 7
Linux @ 4
Terraform @ 4
Python @ 7
Java @ 7
Networking @ 4
macOS @ 4
Compliance @ 4
- 1-2 — basic awareness. Minimal hands-on experience, and a rudimentary understanding of the technology's purpose;
- 3-6 — daily use. Comfortable and regular usage, capable of handling common tasks and challenges related to the technology;
- 7-9 — you are an expert, you can teach others, you know all the pitfalls and tricks;
- 10 — exceptional knowledge, comprehensive understanding, and adeptness in all aspects of the technology, including advanced problem-solving. Think twice before claiming or demanding such level.
Details
Bloomberg’s Platform Security organization is responsible for securing the infrastructure, systems, and data that power our global financial information network. Within this organization, the Identity & Privileged Access Management (PAM) team ensures that every user, service, and system across Bloomberg securely and seamlessly accesses the resources they need—nothing more, nothing less.
We design, build, and scale the foundational services that govern identity, authorization, and privileged access across Bloomberg’s hybrid environment. Our systems are central to enforcing least privilege, meeting compliance requirements, and enabling secure connectivity and automation at enterprise scale.
Responsibilities
- Design and implement high-performance, fault-tolerant services that manage identities, roles, policies, and entitlements.
- Engineer automation to manage credentials, secrets, and privileged accounts across heterogeneous environments (Linux, Windows, macOS, cloud).
- Collaborate with partner teams in Platform Security, Infrastructure Engineering, and Compliance to deliver robust, auditable solutions.
- Integrate open source and vendor PAM technologies (e.g., Teleport, CyberArk) with Bloomberg’s internal platforms.
- Drive adoption of modern security engineering and infrastructure-as-code practices.
- Lead architectural and design discussions, mentor junior engineers, and champion best practices in secure software development.
Requirements
- 4+ years of hands-on software engineering experience.
- Strong programming skills in Python, Go, or Java.
- Deep understanding of authentication and authorization concepts (OAuth2, SAML, OIDC, RBAC, ABAC).
- Experience in building distributed and high-availability (HA) solutions targeting 99.9999% uptime.
- Solid understanding of Linux systems and networking fundamentals.
- Knowledge of infrastructure-as-code principles (e.g., Terraform, Ansible).
Nice to Have
- Solid understanding of cryptographic principles as they relate to secrets management, credential rotation, and secure remote access.
- Experience managing infrastructure at scale with an emphasis on secure automation and privileged task execution.
- Familiarity with operating system-level security controls used to enforce access restrictions (e.g., sudo policies, SELinux, eBPF, auditd).
- Experience integrating and securing both homegrown and third-party systems within a PAM framework.
- Hands-on experience designing and operating privileged access management platforms in complex enterprise environments.
- Understanding of enterprise identity ecosystems and how privileged access fits into broader governance and compliance initiatives.
Salary & Compensation
Salary Range: 160000 - 240000 USD Annually + Benefits + Bonus
The referenced salary range is based on the Company's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level.
Benefits
We offer a comprehensive benefits plan that may include merit increases, incentive compensation (exempt roles only), paid holidays, paid time off, medical, dental, vision, short and long term disability benefits, 401(k) with match, life insurance, and various wellness programs. The Company does not provide benefits directly to contingent workers/contractors and interns.
Additional Information
Business Area: Engineering and CTO
Location: New York
Ref #: 10047610
To apply, visit the company's careers site linked in the original posting.