AWS IAM Specialist

Job ID: 2508869

Location: REMOTE WORK, DC, US

Date Posted: 2025-08-19

Category: Information Technology

Subcategory: IT Security Administrator

Schedule: Full-time

Shift: Day Job

Travel: No

Minimum Clearance Required: None

Clearance Level Must Be Able to Obtain: Public Trust

Potential for Remote Work: Yes

Description

We are seeking an experienced AWS IAM Specialist to join our team. The ideal candidate will have a strong background in managing and securing our AWS environment, with a focus on creating, evaluating, and optimizing IAM policies. This role will require expertise in writing efficient and secure IAM policies, analyzing existing policy statements against guardrails and best practices, and crafting Service Control Policies (SCP) to maintain the principle of least privilege and ensure compliance with organizational security standards. The candidate must also have a strong understanding of Role trust policies and how to tightly control access using targeted principals and layered conditional statements.

Key Responsibilities:

• Design, implement, and manage IAM policies, roles, and users within the AWS environment.
• Create and evaluate IAM policies, trust policies, and SCP policies to ensure secure access to AWS resources.
• Analyze policy statements service by service to identify excessive permissions or potential impacts to guardrails.
• Scope IAM policies to specific resources or conditions to maintain the principle of least privilege.
• Conduct regular audits and reviews of IAM policies to ensure compliance with security best practices and organizational policies.
• Collaborate with cross-functional teams to integrate IAM best practices into development and operational workflows.
• Develop and maintain documentation for IAM policies, procedures, and configurations.
• Respond to security incidents and perform root cause analysis to prevent future occurrences.
• Stay updated on AWS IAM services and industry best practices to ensure our environment is secure and compliant.
• Use AWS services like CloudTrail, CloudWatch, and Access Analyzer to audit existing policies and recommend changes based on actual usage.

Qualifications

Required Qualifications:

• Bachelor's degree in computer science/engineering, or a related technical field plus 3 years of hands on IAM experience. Master's degree with 2 years of hands on IAM experience. 4 years of experience is required in lieu of a secondary degree.
• Must be able to obtain a Public Trust clearance to start.
• Experience working with IAM technologies, such as AWS IAM, Active Directory, Azure AD, Okta, or similar IAM tools.
• Knowledge of security protocols such as SAML, OAuth, OpenID Connect, LDAP, and other identity-related standards.
• Understanding of user access control models, such as Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC).
• Experience supporting cloud platforms (AWS, Azure, Google Cloud) and how IAM integrates with cloud environments.
• Strong verbal, written, interpersonal, troubleshooting, and analytical skills.

Desired:

• AWS or relevant cloud certifications
• Experience with Azure, OCI or Google Cloud Platform cloud infrastructure
• Experience with scripting languages (e.g., Python, Bash)
• Agile, Scrum, JIRA, Service now

Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.