Experience one of the biggest IT Service companies in the world!! Here you can transform your career! Why join TCS? Here at TCS we believe that people make the difference, that's why we live in a culture of unlimited learning full of opportunities for improvement and mutual development. The goal is to expand ideas through the right tools, contributing to our success in a collaborative environment. We are looking for Privileged Access Management Engineer . Role Overview We are looking for an experienced IAM Engineer to design, implement, and manage secure identity and access frameworks, with a strong focus on privileged access management, non-human identities (NHI), and AI identity security across multi-cloud environments. Roles & Responsibilities Design and implement strategic controls for securing non-human identities (NHI) using modern privileged access principles. Collaborate with Technology Risk teams to define and enforce IAM policies, standards, and governance controls . Act as a Subject Matter Expert (SME) in AI identity security, privileged access, and preventive/detective controls. Secure integrations with cloud platforms and external vendors , ensuring encryption and data privacy compliance. Manage cross-functional stakeholders through updates, demos, and requirement alignment. Integrate IAM solutions with enterprise security tools and drive automation to improve efficiency and accuracy. Monitor and respond to security incidents , perform root cause analysis, and provide on-call IAM support. Implement and enforce controls across Cloud IAM platforms (AWS IAM, Azure Entra ID) . Must-Have Skills & Qualifications 7+ years of IAM experience with strong expertise in Privileged Access Management (PAM) . Hands-on experience with tools like CyberArk, StrongDM, Azure Key Vault, AWS Secrets Manager . Strong understanding of AI/Agentic Identity Security including: Least privilege models OAuth2, mutual TLS Model Context Protocol (MCP) Policy-based guardrails Experience in machine identity management (certificates, SPIFFE/SPIRE, workload identities). Knowledge of API gateways and service meshes (Kong, Istio, Apigee). Proficiency in IAM automation tools: Terraform, Ansible, Pulumi, Python . Strong knowledge of authentication & authorization : SSO, SAML, OIDC, OAuth2 SCIM, RBAC, ABAC, Zero Trust Experience with directory services and identity platforms : Azure AD / Entra ID, AWS AD, Okta Expertise in privileged access controls : Credential vaulting Session monitoring PAM/PAW models Understanding of cloud IAM (AWS, Azure, GCP) and security best practices. Familiarity with threat modeling, insider risks, continuous authentication, and OWASP Top 10 NHI risks . Strong communication, stakeholder management, and leadership skills .