Overview
Remote
On Site
80-100/hr
Contract - W2
Contract - 6 Month(s)
Skills
FOCUS
Cloud Security
Bitbucket
GitHub
SailPoint
Identity Management
Access Control
RESTful
SQL
Amazon EC2
Amazon S3
Continuous Integration
Continuous Delivery
Terraform
Provisioning
Microsoft Azure
Command-line Interface
Scripting
Ansible
Configuration Management
Multi-factor Authentication
Cloud Computing
WINS
Scalability
Dashboard
Workflow
ServiceNow
Configuration Management Database
Lifecycle Management
Security Operations
KPI
Reporting
Regulatory Compliance
Amazon Web Services
Management
Data Quality
Business Analysis
Business Analytics
IDC
Collaboration
Partnership
Research
Data Link Layer
RACI
Job Details
Cloud Engineer
Cloud Engineer AWS & Identity & Access Management (IAM) Focus
Experience: 4+ years in AWS Cloud Security & Engineering
Certifications Preferred: AWS Certifications (e.g., Solutions Architect, Security Specialty)
Tools & Technologies:
AWS IAM, AWS Identity Center, SCPs, RCPs, Secrets Manager, Wiz, ServiceNow, CMDB, SQL, REST APIs, cURL, Bitbucket/GitHub, Terraform, Azure CLI, Ansible
Nice-to-have: SailPoint, AD
Key Qualifications:
Strong understanding of AWS Identity and Access Management (IAM), including IAM roles, policies, users, and how they interact across AWS services.
Familiarity with AWS Identity Center, Service Control Policies (SCPs), and Resource-based Policies (RCPs), and how they contribute to centralized access control and governance.
Experience working with RESTful APIs, using tools like cURL to interact with cloud services and automate workflows.
Proficiency in SQL for querying and analyzing identity-related data across cloud and enterprise systems.
Working knowledge of cloud-native architectures and AWS services such as EC2, S3, Lambda, and CloudTrail.
Experience with CI/CD tools and infrastructure-as-code technologies, including:
Terraform for provisioning and managing AWS infrastructure
Azure CLI for cross-cloud scripting and automation
Ansible for configuration management and deployment automation
Ability to interpret and apply security best practices across multi-account AWS environments.
Key Responsibilities:
Drive IAM remediation initiatives by executing or assisting BU engineers in identifying and deactivating dormant accounts, enforcing MFA, and aligning access with enterprise security policies.
Collaborate with business and cloud teams to eliminate excessive permissions on IAM roles and resources, reducing the risk of lateral movement.
Implement and enforce credential rotation policies for IAM users, access keys, and cloud credentials to meet compliance and security standards.
Support a hybrid remediation strategy, balancing manual interventions with automation to deliver quick wins and long-term scalability.
Leverage CSPM tools (e.g., Wiz) to support security insights into automated remediation pipelines and compliance dashboards.
Drive automation-first workflows by supporting integration with ServiceNow, CMDB, and identity governance platforms to streamline identity lifecycle management.
Partner with cross-functional teams including security operations, governance, and engineering to align remediation efforts with business objectives.
Design and support automated reporting pipelines to track IAM metrics, compliance KPIs, and OKRs across AWS environments.
Monitor and report on key identity metrics, including inactive users, non-human identities, and unrotated credentials, ensuring continuous compliance.
Continuously assess and enhance AWS security posture through proactive risk identification, mitigation strategies, and best practice implementation.
Project Responsibilities:
Validate metric baselines and progress
Manage Wiz queries (e.g., exclusions such as break glass, non-EEC tailoring)
Analyze cross-system data quality (Wiz, Okta, AD, IDC)
Design remediation and data quality monitoring/maintenance processes for role synchronizations
Coordinate with BA and IAM IDC development teams to document and test IDC related requirements
Partner with BA to analyze defined roles in Wiz, Okta, AD, IDC
Coordinate and document technical solution to synchronize and maintain role definitions across systems
Partner with BA, RISOs to coordinate initial timebound access cleanup with 1LOD teams
Document non-IDC requirement remediations
Design and document any technical processes related to the overall governance process (in partnership with Caz)
Perform Wiz IAM maintenance
Design Wiz IAM BAU process
Design and validate non-human role identification techniques for non-EEC
Assist non-EEC platform teams with design and implementation of changes to support non-human role identification (if applicable based on BU responses)
Partner with SNOW team to implement form changes for findings governance process
Perform false-positive research/triage
Perform remediation L2 support for 1LOD
Validate 1LOD deviation and risk acceptance submissions during the project and document BAU handover process
Assist EEC and non-EEC platform teams with design and implementation of controls to prevent or block findings from occurring
Determine post-Nimbus IAM RACI for Nimbus activities
Document BAU processes, perform KT to BAU IAM team
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.