Cloud IAM Specialist

Cloud IAM Specialist

Position Overview
We are seeking an experienced Cloud Identity and Access Management (IAM) Specialist to strengthen our security posture across multi-cloud environments. This role will be responsible for assessing, implementing, and optimizing IAM controls and governance across AWS, GCP, Microsoft Entra ID (formerly Azure AD), and Azure resources.
Key Responsibilities

• Conduct comprehensive IAM security assessments across cloud platforms to identify gaps, vulnerabilities, and areas for improvement
• Design and implement robust IAM policies, role-based access controls, and least privilege frameworks
• Perform regular security audits of identity governance practices and develop remediation strategies
• Monitor and analyze identity-related security events across cloud environments to detect and respond to suspicious activities
• Develop automated solutions for continuous monitoring of IAM configurations and permissions
• Create and maintain IAM architecture documentation, policies, and procedures
• Collaborate with development, operations, and security teams to implement secure access management practices
• Provide expert guidance on IAM best practices and cloud security standards
• Lead implementation of Just-In-Time (JIT) access and Privileged Access Workstations (PAW)
• Support cloud security posture management (CSPM) initiatives

Required Qualifications

• 5+ years of experience in IT security with at least 3 years specializing in cloud IAM
• Hands-on experience with AWS IAM, GCP IAM, Microsoft Entra ID, and Azure RBAC
• Strong knowledge of identity governance principles and frameworks
• Experience with cloud security assessment tools and methodologies
• Proficiency in scripting languages (PowerShell, Python, etc.) for automation of IAM tasks
• Understanding of compliance frameworks (SOC2, ISO 27001, NIST, etc.) and how they relate to identity controls
• Experience implementing and managing Privileged Access Management (PAM) solutions
• Knowledge of OAuth 2.0, SAML, OIDC, and other modern authentication protocols
• Experience with identity lifecycle management and user provisioning/de-provisioning processes

Preferred Qualifications

• Relevant certifications: AWS Certified Security Specialist, Microsoft Certified: Azure Security Engineer, GCP Professional Cloud Security Engineer, CISSP, or CCSP
• Experience with SIEM platforms and security monitoring tools
• Knowledge of infrastructure-as-code tools for security configurations (Terraform, CloudFormation)
• Understanding of Zero Trust security models and implementation strategies
• Experience with identity federation and single sign-on (SSO) implementations
• Familiarity with SailPoint, CyberArk, or other IAM/PAM specialized platforms
• Background in security incident response related to identity breaches or compromises

Skills and Attributes

• Strong analytical skills with attention to detail
• Excellent problem-solving abilities and security mindset
• Effective communication skills for translating technical concepts to various stakeholders
• Ability to work independently and as part of a team
• Commitment to staying current with evolving cloud security threats and technologies
• Experience working in agile environments and collaborating with DevOps teams
• Proven ability to manage multiple priorities in a fast-paced environment

Industry Trends & Expectations

• Experience implementing “shift left” security practices for IAM in DevSecOps pipelines
• Familiarity with cloud-native security services like AWS Security Hub, Azure Security Center, and GCP Security Command Center
• Knowledge of emerging technologies like FIDO2, passwordless authentication, and behavioral analytics
• Experience with automated remediation of IAM misconfigurations and security gaps
• Understanding of cloud entitlement management (CIEM) solutions and least privilege enforcement

This role offers the opportunity to make a significant impact on our organization's security posture while working with cutting-edge cloud technologies and identity solutions.