Senior Cloud Identity & Access Management (IAM) Engineer

Mandatory Skills :

Cloud Developer Engineer HandsOn Identity Automation DevOps, PingFederate, OKTA, MFA, Azure ID, AWS, Cloud Security Engineer Required Skills Primary Skills AWS and Azure Identity solution engineering automation Terraform mandatory CICD deployment documentation and operational support 7 years of Cloud Development Engineering experience delivering complex enterprise scale identity and security solutions Strong handson experience implementing AWS identity services AWS Identity Center AWS SSO permission sets account assignments governance AWS IAM roles policies trust relationships least privilege design MFA AWS multi account environments and AWS Organizations Experience integrating enterprise IdPs with AWS Ping Federate preferred including

SAMLOIDC

federation and SCIM provisioning Strong experience implementing Microsoft Entra ID Azure AD identity automation Service Principals SPNs App Registrations Enterprise Applications Role assignment automation and least privilege patterns Conditional Access deployment with safe rollout strategies Terraform

MANDATORY

experience developing modules managing remote state environment separation and secure variable handling Application onboarding to Entra ID DevOps and CICD pipeline engineering using Horizon Jenkins CircleCI and Bitbucket Ability to design secure auditable and scalable identity deployment pipelines Strong scripting experience with PowerShell andor Python Strong understanding of identity security best practices threat mitigation and access governance Indepth knowledge of

SSO MFA SAML

OAuth2OIDC token flows and federation technologies Experience with monitoring logging and compliance reporting for identity systems Experience using REST APIs Graph API and CICD best practices Ability to serve as a handson SME and collaborate across Security Cloud Audit and Operations teams Excellent communication skills with ability to articulate technical concepts to technical and nontechnical audiences Desired Skills Bachelors degree in computer science Information Security or equivalent experience Microsoft Azure Security Engineer AZ500 certification AWS Certified Security Specialty certification Experience with PingFederate administration and federation troubleshooting Experience building eventtoticket workflows eg ServiceNow Knowledge of CertificateCAPKI infrastructure and certificate-based authentication Experience with encryption and key management tools and processes We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, citizenship status, age, disability, genetic information, protected veteran status, or any other characteristic protected by applicable law.