Principal I – Identity & Access Management (IAM) Security Engineer Mexico City Location Mexico City – Insurgentes SurWork Model: 100% On-siteSchedule: Monday to Friday, 9:00 AM – 6:00 PMIndustry: Pharmaceutical (end client) Position Summary We are seeking a Principal I – Identity & Access Management (IAM) Security professional to join the IT Security organization of a leading Pharmaceutical company . This role is responsible for leading the design, implementation, and optimization of secure, scalable IAM capabilities, with a strong focus on Privileged Access Management (PAM) . This position plays a strategic and hands‑on role in protecting critical digital platforms, enforcing security standards, and ensuring compliance within a highly regulated environment. The role is based on‑site in South Mexico City (Insurgentes Sur) . Key Responsibilities Lead the design and implementation of enterprise IAM solutions, with a primary focus on Privileged Access Management (PAM) . Architect and manage PAM capabilities, including: Secure vaulting of privileged credentials Automatic password rotation for human and non-human accounts Credential checkout and check-in workflows API-based secrets retrieval for applications and CI/CD pipelines Encryption of credentials at rest and in transit Develop, enforce, and promote adoption of IAM and PAM security policies and standards. Collaborate with IT, infrastructure, application, and security teams to integrate IAM solutions across the enterprise. Support security and risk assessments to identify, prioritize, and remediate IAM-related vulnerabilities. Provide technical leadership, mentorship, and guidance to IAM and security team members. Identify and implement automation opportunities and continuous improvements within IAM and PAM platforms. Act as a subject matter expert, providing strategic guidance on IAM architecture, security best practices, and threats. Evaluate existing IAM and security systems, perform regular maintenance, and ensure reliability and operational excellence of identity services. Qualifications & Experience 8–10 years of total experience in Identity & Access Management, cybersecurity, or related engineering roles. Strong hands‑on experience with Privileged Access Management (PAM) solutions (3–4+ years). Advanced PowerShell scripting skills for automation and administration. Deep expertise in Microsoft Active Directory environments. Strong knowledge of Public Key Infrastructure (PKI) , including MS-PKI, DigiCert PKI, AWS certificates, and Entra ID certificates. Proven experience in IAM engineering and/or architecture roles. Solid understanding of enterprise security controls, authentication, authorization, and compliance requirements. Advanced English proficiency (written and spoken). Additional Information / Benefits On-site position located in Insurgentes Sur, Mexico City . Office facilities include on-site parking and cafeteria service . Opportunity to work with a global Pharmaceutical client in a highly critical and regulated environment. High-impact, senior-level role with strong technical ownership and visibility. #J-18808-Ljbffr