Overview
Skills
Job Details
Role: IAM Engineer - AWS Security
Location: Remote (Preferred: Raleigh, NC)
Role Overview
We are seeking an experienced IAM Engineer with deep expertise in AWS security services, Identity and Access Management (IAM), and cloud compliance frameworks. This role will own and strengthen the security posture of the AWS platform, implement preventive guardrails, and ensure continuous compliance through automation.
Key Responsibilities
-
Own and maintain the overall AWS security posture, ensuring alignment with industry compliance standards
-
Design, implement, and manage IAM policies, SCPs, and security controls across multiple AWS accounts
-
Configure and manage AWS security services including:
-
AWS Config
-
GuardDuty
-
Security Hub
-
Macie
-
KMS (Key Management Service)
-
-
Automate security controls and evidence collection for compliance frameworks such as:
-
PCI DSS
-
SOC 2
-
ISO 27001
-
-
Perform security reviews, identify gaps, and drive remediation activities
-
Collaborate with platform, DevOps, and compliance teams to enforce secure cloud architecture
Required Skills (Must-Have)
-
AWS Security Services: Strong hands-on experience with AWS native security tools
-
IAM: Deep expertise in IAM roles, policies, permission boundaries, SCPs
-
Encryption & Key Management: KMS, PKI concepts, encryption at rest and in transit
-
Compliance Frameworks: Practical experience supporting audits and regulatory requirements
-
Infrastructure as Code: Terraform for security automation and policy enforcement
-
Security Tooling: Experience with tools such as Qualys (or similar vulnerability scanners)
Preferred / Nice-to-Have Skills
-
Experience with Cloud Control Matrix (CCM)
-
Exposure to multi-account AWS environments and landing zone architectures
-
Strong documentation and audit-readiness mindset
-
Experience working in regulated or enterprise cloud environments