Cloud Engineer Identity and Access Management (IAM)
We are currently seeking an experienced Cloud Engineer with deep expertise in Cloud Identity and Access Management (CIAM). The ideal candidate will have hands-on experience with public cloud services, primarily Azure and AWS, and a strong background in IAM tools, security controls, and cloud-native solutions.
Key Responsibilities:
- Design and implement IAM solutions for application migration and integration across Azure, AWS, and other cloud platforms
- Provide IAM support for complex, multi-tier applications being transitioned to the cloud
- Recommend appropriate IAM cloud controls based on application and business requirements
- Collaborate with global teams to deliver innovative, scalable, and secure cloud-native solutions
- Work closely with cloud service vendors to develop and deploy IAM features that meet enterprise standards
- Integrate, configure, and document compliant infrastructure and support services within the cloud platform
- Optimize and document operational aspects of the IAM and cloud environment
- Troubleshoot IAM and access control issues, identify root causes, and develop effective resolutions
- Partner with Risk Management to ensure that cloud IAM implementations align with regulatory and control requirements
Required Skills and Experience:
- Strong expertise in Azure AD and services such as Conditional Access, Identity Protection, and Privileged Identity Management
- Deep understanding of authentication protocols including SAML, OAuth, OpenID Connect, and Kerberos
- Hands-on experience with Federated Identity solutions (e.g., PingFederate, ADFS)
- Solid knowledge of Zero Trust Architecture principles
- Proven experience implementing Role-Based Access Control (RBAC) in both AWS and Azure
- Ability to create detailed technical architecture documentation
- Excellent written and verbal communication skills
- Proficiency in scripting and automation, especially with PowerShell and/or Python
- Background in Active Directory or other LDAP-based identity stores
- Experience with Azure AD Connect or similar synchronization technologies
- Familiarity with compliance assurance tools such as Prisma Cloud
- Exposure to HashiCorp products like Terraform, Vault, and Consul
- Understanding of risk control frameworks and regulatory requirements
- Experience with CI/CD pipelines and DevOps tools (e.g., Jenkins, GitHub Actions)
- Prior experience in the financial services industry