Role: IAM Engineer
Location: Plano, TX
Duration: Long Term
Role Description
Seeking an experienced IAM (Identity and Access Management) Specialist/Engineer to support the implementation of Google Cloud Platform Atlas 2.0 Control Plane and Vertex AI enablement for a large-scale financial services client. This role will be critical in establishing secure, governed access to Google Gemini AI model endpoints while maintaining strict compliance with enterprise security standards.
Tech skills needed
Google Cloud Platform IAM Expertise
Deep experience with Google Cloud IAM
Google Cloud Platform Vertex AI IAM
Resource hierarchy
Infrastructure as Code
Terraform - Advanced proficiency:
o Google Cloud Platform provider expertise (google, google-beta)
o IAM module development
o State management and remote backends
o Workspace and environment management
Python - Strong scripting skills for automation:
o Google Cloud Client Libraries
o IAM policy manipulation and validation
o API integration and orchestration
Security & Compliance
Strong understanding of zero-trust architecture principles
Experience with data classification and sensitivity-based access controls
Knowledge of financial services compliance requirements
Familiarity with SOC 2, ISO 27001, PCI-DSS or similar frameworks
Understanding of encryption, key management (Cloud KMS), and secrets management (Secret Manager)
Networking & Security Controls
Understanding of VPC networking and its intersection with IAM (private Google access, shared VPC)
Experience with VPC Service Controls and security perimeters
Knowledge of firewall rules, Cloud Armor, and Cloud Load Balancing as they relate to access control
Familiarity with PrivateLink/Private Service Connect patterns
Supporting Technical Skills
Git/version control - experience with GitLab, GitHub, or Bitbucket
CI/CD pipelines - Jenkins, GitLab CI, Cloud Build, or similar
API security - OAuth 2.0, OIDC, API keys, and token management
Logging and monitoring - Cloud Logging, Cloud Monitoring, integration with SIEM tools
Container security - GKE workload identity, service mesh authentication (Istio/Anthos Service Mesh)
Regards,
Radiantze Inc