The Cyber Security Engineering Privileged Access Management team are looking for an independent, pro-active, and aspiring individual who is committed to making a meaningful contribution, as a Lead Engineer to lead in the design, implementation, and lifecycle management of enterprise-grade PAM solutions across multi-site and multi-cloud environments (AWS, Azure, GCP). You’ll serve as a technical authority for PAM, shaping standards, delivering sophisticated migrations, and ensure privileged access is secure, auditable, and resilient.

Key Responsibilities

• Design and implement PAM capabilities (vaulting, session management/recording, credential rotation, least privilege, EPM/PRA) across on-prem and cloud workloads.
• Lead complex integrations with AD/EntraID, IdPs, SIEM/SOAR, CSPM, ITSM, DevOps tooling (CI/CD), and secrets management.
• Be responsible for the operational model: backup/recovery, DR, platform upgrades, policy hardening, performance tuning, and continuous improvement.
• Drive onboarding at scale ensuring standardized onboarding patterns and controls.
• Establish guardrails and RBAC/ABAC models aligned to Zero Trust and regulatory frameworks (ISO 27001, SOC 2, NIST 800-53/63).
• Define and maintain technical roadmaps, standards, and reference architectures; mentor engineers and review develop/runbooks.
• Lead security assessments, threat modeling, and control efficacy reviews; partner with risk/compliance and audit functions on evidence and remediation.
• Solve complex issues end-to-end, including proxy/connector components, high-availability clusters, and multi-region architectures.

Technical / job functional knowledge

Consistent record implementing and operating PAM at scale in complex enterprises (multi-site, multi-cloud).

Hands-on expertise with at least one of the top PAM vendors (e.g., CyberArk, Delinea, BeyondTrust, One Identity), including deployment, integration, and automation.

Solid understanding of Windows/Linux administration, AD/EntraID, networking and database fundamentals (TLS/PKI, proxies, firewalls), and identity protocols (SAML/OIDC/OAuth).

Automation proficiency (PowerShell, Python, REST APIs) and Infrastructure-as-Code (Terraform/CloudFormation) for repeatable deployments.

Experience with SIEM (e.g., Splunk, Sentinel, QRadar) and SOAR integrations for session telemetry, alerts, and response.

Proven leadership in defining standards, runbooks, and governance; excellent customer engagement and interpersonal skills.

Additional desired capabilities

• Experience with endpoint privilege management (Windows/macOS/Linux), JIT access, and Kubernetes/containers.
• Exposure to segmentation and network security (micro-segmentation, PAM proxies, bastion hosts).
• Relevant certifications (e.g., CyberArk Defender/Sentry, Azure/AWS Security, CISSP, CCSP).

Diversity & Inclusion

People are at the heart of what we do and drive the success of our business. Our colleagues thrive personally and professionally through our shared values of Integrity, Partnership, Innovation and Excellence are at the core of our culture. We embrace diversity and actively seek to attract people with unique backgrounds and perspectives. We are always looking at ways to become more agile, so we meet the needs of our teams and customers. We believe that an inclusive collaborative workplace is pivotal to our success and supports the potential and growth of all colleagues at LSEG

Proud to share LSEG in the India is Great Place to Work certified (Jun ’25 – Jun ’26).

Learn more about life and purpose of our company directly from India colleagues’ video: Bengaluru, India | Where We Work | LSEG

Career Stage:

London Stock Exchange Group (LSEG) Information:

Join us and be part of a team that values innovation, quality, and continuous improvement. If you're ready to take your career to the next level and make a significant impact, we'd love to hear from you.

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce.

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone’s race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.

You will be part of a collaborative and creative culture where we encourage new ideas. We are committed to sustainability across our global business and we are proud to partner with our customers to help them meet their sustainability objectives. Our charity, the LSEG Foundation provides charitable grants to community groups that help people access economic opportunities and build a secure future with financial independence. Colleagues can get involved through fundraising and volunteering.

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.

Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it’s used for, and how it’s obtained, your rights and how to contact us as a data subject.

If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.

Location: IND-BLR-Divyasree Technopolis

Time Type: Full time