Security Engineer, IAM & PAM
Quick Summary
At Midas, we are working on real-life engineering challenges to transform the world of finance. We’ve transformed investing in Turkey by delivering a seamless experience for everyday investors. Today, 4 million users invest with Midas.
Onboard all privileged accounts (human, service, and application accounts) across cloud, on-premise, and SaaS environments into the PAM platform, achieving full session isolation and automated credential rotation for critical assets.
Eliminate standing privileged access by designing and rolling out Just-in-Time (JIT) access and time-bound elevation workflows for critical systems, ensuring no permanently assigned admin roles exist in production environments.
Redesign and implement least-privilege RBAC for internal business applications, eliminating over-privileged role assignments, establishing complete role-to-team mapping, and operating automated access certification cycles.
Achieve comprehensive MFA and phishing-resistant authentication coverage for privileged and remote access, with conditional access policies enforced across all identity perimeters.
Automate the full Joiner-Mover-Leaver (JML) lifecycle across all identity sources, ensuring immediate deprovisioning for leavers and minimizing manual provisioning effort.
Discover, inventory, and vault all service accounts and secrets (API keys, tokens, certificates) across cloud and CI/CD pipelines, eliminating hard-coded credentials in code repositories through automated scanning and rotation.
Help the cyber defense team build identity threat detection & response (ITDR) capability by integrating IAM/PAM telemetry into the SIEM platform, achieving full alerting coverage for privileged session anomalies with rapid triage processes.
Strong experience with SSO/SAML/LDAP integrations, conditional access, identity governance
Hands-on experience with a PAM solution (CyberArk strongly preferred): safe management, PSM, CPM, onboarding privileged accounts
Solid understanding of authentication and authorization protocols
Familiarity with Turkish financial sector regulations (TCMB, SPK, KVKK) and audit processes is a strong plus
Experience with secrets management tools
Understanding of zero-trust principles, least privilege, and identity threat detection
Strong documentation skills in both Turkish and English; ability to produce audit-ready policy and procedure documents
Relevant certifications are a plus
Location & Eligibility
Listing Details
- Posted
- April 16, 2025
- First seen
- March 27, 2026
- Last seen
- July 11, 2026
Posting Health
- Days active
- 106
- Repost count
- 0
- Trust Level
- 25%
- Scored at
- July 11, 2026
Signal breakdown
Please let Getmidas know you found this job on Jobera.
4 other jobs at Getmidas
View all →Explore open roles at Getmidas.
Browse Similar Jobs
Stay ahead of the market
Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.
No spam. Unsubscribe at any time.