AWS Cloud Engineer, SSO (OIDC/SAML

Overview

On Site
Depends on Experience
Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - 12 Month(s)
Able to Provide Sponsorship

Skills

AWS
SSO
Single Sign-On
OIDC
SAML

Job Details

AWS Cloud Engineer, SSO (OIDC/SAML
Boston ( 4 days/week)Need Local
Long term
Contract

AWS Cloud Engineer with deep expertise in Single Sign-On (SSO) integrations using OIDC/SAML, and strong software development skills. This role will design, build, secure, and operate scalable cloud-native data platforms, with a focus on identity federation, access governance, and application development.

The ideal candidate combines cloud infrastructure engineering, identity and access management (IAM), and hands-on development to deliver secure, reliable, and automated solutions.

Key Responsibilities

Cloud & Data Platform Engineering

Implement network architectures using VPCs, subnets, security groups, NACLs, VPC endpoints, and private connectivity.

SSO & Identity Federation

Design and implement Redshift SSO using OIDC and/or SAML 2.0.

Integrate Redshift with enterprise IdPs (e.g., Okta, Azure AD, Ping, Auth0, AWS IAM Identity Center).

Configure IAM roles, policies, and trust relationships for federated access.

Implement role-based access control (RBAC) and fine-grained authorization within Redshift.

Troubleshoot authentication, authorization, token, and federation issues end-to-end.

Development & Automation

Develop cloud-native applications, services, or utilities using Python, Java, or similar languages.

Build automation for infrastructure provisioning using IaC (Terraform, AWS CDK, or CloudFormation).

Develop CI/CD pipelines for infrastructure and application deployments.

Create APIs, Lambda functions, and event-driven workflows to support data and identity use cases.

Security, Governance & Compliance

Apply AWS security best practices, including least privilege, encryption at rest and in transit, and secure secrets management.

Implement audit logging and monitoring using CloudTrail, CloudWatch, and AWS Config.

Support compliance requirements (SOC2, HIPAA, PCI, or similar, as applicable).

Required Qualifications

  • 10+ years of hands-on experience in AWS cloud engineering.
  • Proven experience implementing SSO using OIDC and/or SAML 2.0.
  • Proficiency in at least one programming language (Python preferred; Java acceptable).
  • Strong knowledge of AWS IAM, STS, role assumption, and federated identity models.
  • Experience with Infrastructure as Code (Terraform, CDK, or CloudFormation).
  • Solid understanding of networking concepts (DNS, TLS, VPC routing, private endpoints).
  • Experience with Linux-based environments and scripting.

Preferred / Nice-to-Have Skills

  • Experience with AWS IAM Identity Center (SSO).
  • Familiarity with Okta, Azure AD, PingFederate, or Auth0 integrations.
  • Exposure to containerization (Docker) and orchestration (ECS/EKS).

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.