Job Summary
We are seeking an experienced AWS IAM Engineer to design, implement, and manage secure identity and access management solutions across cloud environments. The ideal candidate will have strong expertise in AWS IAM services, authentication protocols, and cloud security best practices, ensuring secure, compliant, and scalable access control mechanisms.
Key Responsibilities
- Design and implement IAM policies, roles, and permission boundaries in AWS
- Manage user identities, groups, and access controls across AWS accounts
- Implement and maintain secure authentication mechanisms (MFA, SSO, federation)
- Integrate AWS IAM with enterprise identity providers (Azure AD, Okta, LDAP)
- Develop and enforce least privilege access models
- Monitor and audit IAM activities using CloudTrail, CloudWatch, and security tools
- Automate IAM provisioning and deprovisioning using Terraform/CloudFormation
- Ensure compliance with security standards and governance policies
- Conduct security assessments and access reviews
- Collaborate with DevOps and engineering teams to secure cloud applications
Required Skills & Qualifications
- Bachelor’s degree in computer science, IT, or a related field
- Experience in cloud security or IAM
- Strong hands-on experience with AWS IAM services
- Knowledge of authentication & authorization protocols (OAuth2, SAML, OpenID Connect)
- Experience with SSO, federation, and identity lifecycle management
- Familiarity with AWS security services (GuardDuty, Security Hub, KMS)
- Experience with Infrastructure as Code (Terraform/CloudFormation)
- Strong scripting skills (Python, Bash, or similar)
- Understanding of network and application security principles