AWS Cloud IAM Architect

Job Title: Senior AWS Cloud IAM Architect
Job Type: Full-Time
Location: Remote

Job Description

We are seeking an experienced Senior AWS Cloud IAM Architect to join our cloud security team. The ideal candidate will have deep expertise in AWS Identity and Access Management (IAM), cloud security architecture, and access governance. This role requires strong troubleshooting capabilities, hands-on experience with AWS Organizations, and the ability to collaborate closely with application and platform teams to implement secure and scalable cloud access solutions.

Key Responsibilities

• Design, implement, and manage secure AWS IAM solutions across multi-account environments.
• Configure and maintain IAM roles, trust policies, permission boundaries, policy conditions, and cross-account access strategies.
• Manage and troubleshoot AWS resource-based policies including S3 bucket policies, KMS key policies, and related services.
• Analyze and assess the impact of Service Control Policies (SCPs) within AWS Organizations.
• Review cloud architectures and recommend secure least-privilege access models and IAM best practices.
• Investigate and resolve IAM-related authentication and authorization issues across AWS environments.
• Define, document, and maintain IAM standards, governance processes, and reusable access patterns.
• Partner with application, DevOps, platform, and security teams to support secure cloud adoption initiatives.
• Conduct security reviews and ensure compliance with organizational cloud security policies.

Mandatory Skills

• Strong hands-on experience with AWS IAM services and cloud security concepts.
• Experience working with at least 8 to 10 AWS services in enterprise environments.
• Minimum 2+ years of experience in IAM design and architecture.
• Minimum 2+ years of hands-on AWS IAM experience.

Experience with:

• IAM Roles & Policies
• Trust Relationships
• Cross-Account Access
• Policy Conditions
• Permission Boundaries

Hands-on experience with AWS resource policies such as:

• Amazon S3 Bucket Policies
• AWS KMS Key Policies

• Strong understanding of AWS Organizations and Service Control Policies (SCPs).
• Experience in AWS resource provisioning using CloudFormation.
• Experience in AWS resource provisioning using Terraform.
• Proven experience in troubleshooting complex IAM and access-related issues.
• Ability to design secure cloud architectures following least-privilege principles.
• Strong communication and stakeholder management skills.