Overview
Skills
Job Details
IAM & Cloud Security Engineer - Dallas TX - Onsite work - 12 + Months
Requisition Name: C&DE-CMT-IAM & Cloud Security Engineer
Start Date: 12/1/2025
Duration: 52 Weeks
Services Location: TX/Dallas / Onsite work
Rate: 55 $ phr on W2 or 65 $ phr on Corp- corp all inc
Description Of Services:
We are seeking a seasoned IAM & Cloud Security Engineer to drive the secure migration of identity, access, and security workloads from AWS to Azure and Google Cloud Platform, while establishing Policy-as-Code (PaC) and IAM Infrastructure-as-Code (IaC) automation frameworks. This role combines deep technical expertise in cloud IAM, policy governance, CI/CD automation, and infrastructure security. You will define, implement, and operationalize a unified security automation pipeline across Azure and Google Cloud Platform environments for Smart TV and Mobile Cloud infrastructure workloads. You will collaborate closely with DevOps, Cloud Platform, and Security Architecture teams to ensure secure-by-design implementations and compliance alignment across all environments.
Key Responsibilities: Identity and Access Management (IAM) Migration ? Lead IAM migration from AWS IAM policies, roles, and groups to Azure Active Directory, Azure RBAC, and Google Cloud Platform IAM roles and bindings. ? Develop Terraform IaC modules to automate IAM resource creation across Azure and Google Cloud Platform environments. ? Ensure the least privilege and separation of duties principles are enforced in all IAM configurations. ? Integrate cloud identity providers (Azure AD, Cloud Identity) with corporate SSO (SAML/OIDC). ? Establish service identities, workload identities, and managed identities for CI/CD and application workloads. Policy-as-Code (PaC) Governance ? Define and implement Policy-as-Code frameworks to enforce cloud governance and compliance baselines in Azure and Google Cloud Platform. ? Develop and maintain PaC pipelines using Terraform Sentinel, OPA (Open Policy Agent), or Azure Policy. ? Establish CI/CD pipelines for Policy-as-Code validation, testing, and deployment. ? Provide guidance and best practices for developing reusable and scalable PaC modules. ? Implement policy version control, exception management, and automated compliance enforcement. ? Collaborate with security architects to define policy coverage requirements (IAM, networking, encryption, storage, and tagging). CI/CD and Automation for Security & IAM ? Design and establish CI/CD pipelines for IAM IaC and Policy-as-Code deployments across Azure DevOps, GitHub Actions, and Google Cloud Build. ? Automate security control deployments using Terraform, including IAM roles, key management, and network policies. ? Integrate policy compliance checks into the CI/CD flow for both infrastructure and application security pipelines. ? Build reusable Terraform pipelines to enforce consistent security posture across environments. ? Establish pipeline security gates (pre-deployment and post-deployment) for IAM and PaC changes. Security Workload Migration (AWS ? Azure & Google Cloud Platform) ? Migrate security workloads such as WAF configurations, key management (KMS), and security analytics from AWS to Azure and Google Cloud Platform. ? Develop IaC for host infrastructure and application security controls in target clouds. ? Map AWS security services (IAM, KMS, WAF, GuardDuty) to Azure Security Center, Defender for Cloud, and Google Cloud Platform Security Command Center equivalents. ? Recreate AWS Config Rules and SCPs as Azure Policies and Google Cloud Platform Organization Policies. ? Ensure encryption, secrets management, and logging solutions are replicated or enhanced in target platforms. ? Participate in testing, validation, and audit readiness for migrated security components. Security Monitoring, Compliance & DR Integration ? Integrate monitoring and alerting with Azure Monitor, Google Cloud Platform Operations Suite, and SIEM tools. ? Enable IAM and security event logging via Azure Activity Logs, Google Cloud Platform Audit Logs, and Cloud Logging. ? Contribute to Disaster Recovery (DR) security alignmentensuring IAM, policy, and encryption configurations are recoverable and consistent across regions. ? Maintain auditability and compliance mapping (ISO 27001, NIST, SOC 2)
Deliverables:
-Process Flows -Mentor and Knowledge transfer to client project team members -Participate as primary, co and/or contributing author on any and all project deliverables associated with their assigned areas of responsibility -Participate in data conversion and data maintenance -Provide best practice and industry specific solutions -Advise on and provide alternative (out of the box) solutions -Provide thought leadership as well as hands on technical configuration/development as needed. -Participate as a team member of the functional team -Perform other duties as assigned.
Acceptance Criteria:
Preferred Skills: ?
Experience with Azure Blueprints, Google Cloud Platform Forseti Config Validator, or OPA Conftest. ?
Familiarity with cross-cloud SSO and federated identity models. ?
Strong scripting background (Python, PowerShell, or Bash). ?
Prior experience migrating workloads from AWS ? Azure and AWS ? Google Cloud Platform. ? Certifications: ?
Google Professional Cloud Security Engineer ?
Microsoft Certified: Azure Security Engineer Associate ?
AWS Certified Security Specialty ?
HashiCorp Certified: Terraform Associate Soft Skills: ?
Strategic thinker with a strong analytical and automation mindset. ?
Excellent communication across cloud platforms, DevOps, and compliance teams. ?
Strong documentation discipline and adherence to governance frameworks. ?