Identity & Security Engineer / Senior Engineer

Company Description

Company Description

If you're passionate about solving complex tech challenges, Kodez offers the space, scale, and support to make a real impact. Join us in building the future. 

We’re more than a tech consultancy; we’re a people-first company built to do things differently. Our founders left traditional consulting behind to create a place where genuine care, trust, and progress come first, for clients and for team members. 

Whether we’re helping clients accelerate delivery, modernise cloud platforms, or secure digital ecosystems, our work is rooted in real partnerships. We don’t just deliver solutions; we embed as part of a client’s team. 

Our services span Digital & Cloud, Identity & Security, and Data & AI, delivered through Consulting, Delivery, and Managed Services models. 

Join Kodez and be part of a company where care isn’t a tagline - it’s how we work. 

Eligibility:

This position is open only to Sri Lankan residents or those with a valid work visa. Applicants who do not meet this criterion will not be considered.

We are seeking a highly motivated Identity & Security Senior Engineer with 2–5 years of experience in infrastructure and cloud security, SOC engineering, and secure application development, with a strong focus on Identity and Access Management (IAM). This role is pivotal in protecting systems, data, and applications across internal environments and client landscapes. The ideal candidate will also bring expertise in implementing and supporting identity standards and solutions across modern enterprise platforms.

Key Responsibilities

• Design, implement, and manage security controls across servers, networks, and storage systems to reduce exposure to threats and vulnerabilities.
• Perform security audits, assessments, and penetration testing; enforce best practices for infrastructure hardening.
• Build and maintain secure, scalable, and compliant cloud environments on platforms such as AWS, Azure, or Google Cloud.
• Continuously monitor and optimise cloud security configurations; recommend improvements to align with compliance and risk management goals.
• Integrate cloud-native and third-party security tools within DevOps pipelines to ensure secure application delivery.
• Develop and maintain detection rules, scripts, and dashboards for real-time threat monitoring and automated response.
• Collaborate with SOC teams to triage, analyse, and respond to security events and incidents.
• Engineer automation for common incident response actions to improve response time and reduce manual effort.
• Contribute to secure software development processes, ensuring security controls are embedded in code and architecture.
• Perform secure code reviews and support developers in adopting secure coding practices (experience with Checkmarx is a plus).
• Investigate and manage security incidents, including threat containment, forensic analysis, and root cause resolution.
• Stay current with the threat landscape, security tools, and emerging technologies—including securing generative AI applications.
• Drive the adoption and enforcement of modern identity standards such as OIDC, SAML, and OAuth2 across internal and client systems.
• Configure and manage IAM solutions, including Okta, Auth0, WSO2 Identity Server, Ping Identity, and others.
• Support identity federation, SSO integrations, and access governance initiatives.
• Collaborate with application teams to implement identity-driven security architectures.

Required Skills & Qualifications

• 2–5 years of experience in security engineering, infrastructure/cloud security, SOC operations, and secure development.
• Proficiency with at least one major cloud provider (AWS, Azure, GCP) and associated security services.
• Solid programming/scripting skills (Python, Java, Bash, or similar).
• Experience with security operations tools (SIEM, SOAR, endpoint protection, and log management).
• Strong understanding of IAM protocols: OIDC, OAuth2, SAML and related flows.
• Hands-on experience configuring and operating one or more identity platforms such as Okta, Auth0, WSO2 Identity Server, Ping Identity, Azure AD B2C, etc.
• Practical experience with SSO, MFA, conditional access policies, and identity federation.
• Excellent problem-solving skills with a focus on security risk mitigation and incident prevention.
• Strong verbal and written communication skills with the ability to work collaboratively across cross-functional teams.
• Commitment to continuous learning and a demonstrated interest in securing modern technologies, including Generative AI (GenAI) solutions.