8-12 years of experience in cloud security, IAM, or infrastructure security engineering, preferably within BFSI or regulated enterprises.
Strong hands-on expertise in AWS security services, including:
AWS IAM (roles, policies, permission boundaries, SCPs)
AWS Organizations & multi-account governance
AWS Identity Center (SSO)
AWS KMS, Secrets Manager
AWS CloudTrail, Config, GuardDuty, Security Hub
Deep understanding of IAM design and governance, including:
Role-based and attribute-based access control (RBAC/ABAC)
Least privilege model implementation
Identity lifecycle management (joiner/mover/leaver)
Experience integrating AWS IAM with enterprise identity providers such as:
Azure AD / Entra ID
Okta or similar IdP platforms
Key Responsibilities
AWS IAM & Identity Security Leadership
Own the design and implementation of enterprise-wide AWS IAM strategy across multi-account environments.
Define and enforce least-privilege access models, including role-based and attribute-based controls.
Lead integration of AWS IAM with enterprise identity providers (Azure AD/Okta), ensuring secure SSO and federation.
Establish and maintain IAM governance processes, including access reviews, certification, and audit readiness.
Cloud Security Operations
Monitor and respond to security alerts across AWS using tools such as GuardDuty, Security Hub, and CloudWatch.
Investigate and remediate IAM-related security risks, misconfigurations, and access issues.
Oversee logging and monitoring strategy using CloudTrail, Config, and centralized SIEM integrations.
Collaborate with SecOps teams to ensure timely incident response and root cause analysis.
Access Management & Compliance
Manage user access lifecycle (provisioning, deprovisioning, entitlement reviews) across AWS environments.
Ensure compliance with regulatory and enterprise security standards (NIST, CIS benchmarks, etc.).
Conduct periodic access audits and enforce remediation of policy violations.
Support internal and external audits by providing IAM evidence and controls documentation.
Security Architecture & Governance
Define and implement security guardrails using AWS Organizations, SCPs, and automation frameworks.
Partner with platform and application teams to embed security-by-design principles.
Drive adoption of policy-as-code and automated compliance checks in CI/CD pipelines.
Provide architectural guidance for secure onboarding of new workloads and services on AWS.