• Coordenar iniciativas técnicas e operacionais de segurança, liderar profissionais da área e atuar de forma próxima com times de engenharia, produto, dados e infraestrutura cloud. • Liderar e desenvolver o time de segurança cibernética, realizando 1:1, feedbacks contínuos, PDI e acompanhamento de performance. • Apoiar no processo de controle de orçamento da área. • Garantir o bom funcionamento da operação de segurança e priorização adequada das iniciativas. • Ajudar a promover cultura de segurança dentro da empresa. • Coordenar projetos garantindo o correto planejamento, execução, acompanhamento de métricas e comunicação eficaz com as demais áreas em iniciativas relacionadas a: Identity and Access Management (IAM) • Mobile Device Management (MDM) • Endpoint Security • Cloud Security (ambiente multicloud) • Vulnerability Management • SOC / Detection & Response • Red Team / Offensive Security • Governança, Risco e Compliance (GRC)

Role Description As a Security Engineer you will form part of JUMO’s dedicated Security Team. Our mission is to raise JUMO's overall security posture, by identifying security issues and helping teams to understand and address them. JUMO’s tech stack runs in AWS and includes: - AWS EKS - Terraform - Microservices written in Kotlin - Datadog - CI/CD based on Github Actions and ArgoCD You will report into the Head of Security. You will: - Help to discover and triage vulnerabilities from various sources. - Design, configure, deploy, and maintain secure configurations across JUMO’s cloud and endpoint estate. - Work with engineering teams to complete threat modeling exercises. - Work with teams across JUMO to improve the SDLC and help secure the systems they are responsible for. - Write code to automate tasks and integrate it with other products and integrations. - Implement and improve security observability. - Respond to, document and automate incident responses. - Help secure JUMO’s use of AI tooling. - Proactively seek ways to improve existing processes and systems related to incidents, vulnerabilities, security control systems, and risks. - Coach, mentor, and share knowledge within the team. Qualifications - 3+ years of information security experience. - Experience in a security implementation and operations environment. - Good foundational programming experience, in a modern language such as Python, as well as Infrastructure-as-Code (Terraform). - Experience with cloud services such as cloud providers, SSO, cloud email gateways, cloud productivity suites. - Ability to build relationships and work effectively with other teams. - Ability to effectively prioritize tasks and take initiative. - A keen eye to identify process constraints and find solutions to alleviate these. - Ability to work independently and be comfortable with responsibility. Requirements - Bonus if you have stronger coding experience. For example, you can write code that interacts with a set of APIs, transforms the data, stores it in a database, and pushes it to another API. Benefits - Collaborating with smart, engaging people in an inspiring work environment. - Working as one team towards our goal of financial inclusion. - Growing and learning continuously, with loads of encouragement and support. - Boldly taking risks as we navigate new challenges. - Flexible work practices enabling your best delivery. - Being autonomous and empowered to lead. - A stack of leading-edge technologies. - Remote First: This position is based remotely in any country between UTC+0 and UTC+3 timezones. Company Description At JUMO, we firmly believe that diversity strengthens our teams. We are dedicated to fostering an inclusive recruitment process that cultivates an environment where all individuals can be authentic, collaborate, and thrive.

At Ensono, our Purpose is to be a relentless ally, disrupting the status quo and unleashing our clients to Do Great Things! We enable our clients to achieve key business outcomes that reshape how our world runs. As an expert technology adviser and managed service provider with cross-platform certifications, Ensono empowers our clients to keep up with continuous change and embrace innovation. We can Do Great Things because we have great Associates. The Ensono Core Values unify our diverse talents and are woven into how we do business. These five traits are the key to achieving our purpose:Honesty, Reliability, Curiosity, Collaboration, and Passion. About the role and what you'll be doing: The Senior IAM Engineer serves as a technical authority and trusted advisor, leading the design and delivery of Identity and Access Management (IAM) solutions in support of complex application migrations and enterprise security initiatives. Operating within client governance frameworks, this role partners closely with client stakeholders, architects, and security leadership to define IAM strategies, establish integration standards, and guide implementation outcomes. The Senior IAM Engineer is accountable for the technical quality, security posture, and scalability of IAM solutions and provides leadership across the IAM lifecycle—from design and implementation through migration, testing, and operational readiness. While this role remains hands-on, it extends beyond execution to include technical decision-making, architectural leadership, and mentorship, ensuring IAM solutions align with business objectives, regulatory requirements, and enterprise security standards. KEY RESPONSIBILITIES IAM Architecture & Design Leadership - Lead the design and implementation of IAM solutions across authentication, authorization, secrets management, identity governance, and privileged access domains - Define and maintain IAM reference architectures, integration patterns, and best practices aligned to enterprise standards - Provide technical recommendations and trade-off analysis balancing security, usability, scalability, and operational efficiency - Participate in architecture reviews and influence client IAM roadmaps and modernization strategies Delivery Ownership & Execution - Own IAM outcomes for assigned programs and migrations, ensuring solutions meet security, compliance, and performance expectations - Lead IAM readiness activities for migrations and cutovers, including risk identification, mitigation planning, and execution support - Guide and execute IAM configuration and integrations for SSO, MFA, federation, PAM, and secrets management - Develop and enhance accelerators, automation, and self-service capabilities to improve delivery efficiency and consistency Security, Risk & Compliance - Ensure IAM implementations align with enterprise security policies, regulatory requirements, and audit standards - Lead or coordinate IAM-related security testing, including authentication/authorization validation and vulnerability assessments - Identify IAM risks and proactively recommend remediation or improvement opportunities Technical Leadership & Collaboration - Serve as a point of escalation for complex IAM issues and defect resolution - Mentor junior engineers and review IAM designs, configurations, and documentation - Collaborate with application teams, cloud engineers, security operations, and governance partners to drive successful IAM adoption - Document IAM architectures, configurations, and operational procedures for long-term sustainability We want all new Associates to succeed in their roles at Ensono. That's why we've outlined the job requirements below. To be considered for this role, it's important that you meet all Required Qualifications. If you do not meet all of the Preferred Qualifications, we still encourage you to apply. Required Qualifications: - 7+ years of progressive experience in Identity and Access Management engineering, including leadership of complex IAM initiatives - Proven experience designing and implementing IAM solutions in large-scale, hybrid, or cloud environments - Demonstrated ability to act as a technical authority and advisor, influencing IAM decisions and standards - Hands-on expertise with enterprise IAM technologies, including: - Privileged Access Management (PAM) - CyberArk (Enterprise Password Vault, Privileged Session Manager, Central Credential Provider, Conjur) - HashiCorp Vault (secrets engines, policies, authentication methods, dynamic credentials) - Authentication / Identity Providers (IDP) - ForgeRock (Access Management, Identity Management, Directory Services, Identity Gateway) - RSA (SecurID Authentication Manager, MFA, Identity Governance & Lifecycle) - User Access & Entitlement Management - SailPoint (IdentityIQ, IdentityNow – access certifications, provisioning, role management) - ESF (Enterprise Security Framework – entitlement management and access controls) - Strong experience with authentication and federation protocols: SAML, OAuth 2.0, OpenID Connect, Kerberos - Advanced knowledge of Active Directory, LDAP, and identity integrations - Experience with cloud platforms (AWS, Azure) and cloud-native IAM services - Strong scripting and automation capabilities (PowerShell, Python, Terraform, or equivalent) - Excellent troubleshooting, analytical, and communication skills Preferred Qualifications: - CyberArk Certified Defender or Delivery Engineer - HashiCorp Certified Vault Associate / Professional - ForgeRock Certified Engineer - SailPoint Certified IdentityIQ Engineer - RSA Certified Administrator - Experience in financial services or highly regulated industries Why Ensono? Ensono is a place to make better happen – for our clients and for your career. You can do great things through innovation or collaboration, by learning or volunteering, or to promote diversity and inclusion. You can do great things for your own health or for a healthier planet. Whatever it means to you to do great things we want Ensono to be the place you can do it. We are a client-facing business, but we do encourage clients to allow us to work remotely most of the time so if you are not required to be on a client site, you can choose to work from home or in our Ensono office Some of our benefits include: - Unlimited Paid Days Off - Three health plan options - 401k with company match - Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts - Family Forming Benefit including fertility coverage and adoption/surrogacy reimbursement - Paid childbearing and paternal leave - Education Reimbursement, Student Loan Assistance or 529 College Funding - Sabbatical leave - Wellness program - Flexible work schedule As of the date of this posting, a good faith estimate of the current pay scale for this role is $125,000 to $150,000 annually based on a full-time schedule. Please note that placement in the range may vary based on numerous factors including but not limited to skills, experience, internal equity, and business needs. In addition to base salary, other compensation programs, depending on eligibility, include an annual bonus plan based on company and individual performance and an equity grant under our Associate Equity Appreciation Program. Ensono is an Equal Opportunity/Affirmative Action employer. We are committed to providing equal employment to our Associates and building a diverse and inclusive workforce. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or other legally protected basis, in accordance with applicable law. Pay transparency nondiscrimination statement/posting OFCCP’s pay transparency policy can be found on OFCCP’s website. If you need accommodation at any point during the application or interview process, please let your recruiter know or email USTalentAcquisition@ensono.com.

• Perform ongoing policy and rule management, console configuration management, health checks (policy effectiveness reviews/ false positives etc.), policy upgrades, solution health monitoring & use case consultations. • Perform customer case management including timely response and status updates, effective escalations, and documentation of action plan and steps taken to achieve service level objectives. • Perform any required configuration changes to MSP systems • Direct customer interaction to facilitate the troubleshooting and artifact collection for diagnosis. • Liaise with customers, as well as perform effective and timely case resolution. • Participate actively in training to maintain a working knowledge of the products and their operation, configuration and available functionality. • Perform application and forensic reporting tasks including archive recovery, data export, customer report execution and integration setup. • Follow change management process support by providing clear documentation of planned actions and their status and result. • Perform proactive actions such as monitoring key systems & service health metrics e.g. resource utilization tracking, job status monitoring and issue resolution. • Work with cross functional team to deliver secure, stable and supportable infrastructure