AWS IAM DevSecOps Engineer IV- Remote

AWS IAM DevSecOps Engineer IV
Remote - working CST/EST hours
6-month contract
Pay Range $78.00-82.00/hr.

Our client is seeking a senior-level AWS IAM DevSecOps Engineer to help accelerate the delivery of our cloud-based Identity and Access Management (IAM) services. This role sits within their Cybersecurity IAM Service Organization and focuses on building, automating, and standardizing AWS IAM capabilities for non-human identities across the enterprise. You'll be part of a team responsible for delivering AWS IAM as a service to other internal product and application teams (e.g., ATM, Money Movement). This is a hands-on technical role requiring deep AWS and automation expertise, not a governance or administration position.

Responsibilities

• Design, build, and deliver AWS IAM as a service for internal cloud consumers.
• Develop and maintain Terraform code to automate IAM resource provisioning.
• Integrate IAM services into CI/CD pipelines using GitHub, Jenkins, or similar tools.
• Write automation scripts (e.g., Python) to standardize and scale IAM delivery.
• Define and enforce security and identity standards across AWS accounts and workloads.
• Collaborate with application and infrastructure teams to ensure consistent and secure IAM adoption.
• Support the implementation of IAM for non-human identities (service accounts, applications, workloads).
• Contribute to continuous improvement of IAM automation, monitoring, and compliance practices.

Required Skills

• 3 years of hands-on AWS IAM experience, with a focus on automation and service delivery.
• Proven experience working in DevSecOps or Cloud Infrastructure as Code (IaC) environments.
• Strong proficiency with Terraform, GitHub, and CI/CD pipelines.
• Practical scripting experience (e.g., Python, Bash, or PowerShell).
• Deep understanding of non-human identities, permissions, and access controls within AWS.
• Ability to deliver scalable IAM solutions across multiple AWS accounts and teams.
• Strong collaboration and communication skills to work across cybersecurity and development groups.

Bonus Skills

• Broader AWS DevSecOps background with proven delivery of security automation.
• Experience developing standardized IAM templates, modules, or frameworks.
• Prior experience working in large, regulated enterprise environments.

Candidates with the following profiles will not be considered for this role:

• SailPoint, Okta, Ping, or Azure AD Administrators focused on human identity management, MFA, or SSO integrations.
• Generic cloud cybersecurity professionals without specific AWS IAM and automation experience.
• Individuals who cannot demonstrate real, hands-on technical capabilities during the interview.