Top Talent LLC
IAM Senior Engineer
Company: Fortune 500 Financial Services Company
Charlotte, NC or Des Moines, IA
Type: Full Time
Overview
The IAM Senior Engineer will lead the design, deployment, and ongoing support of IAM solutions across multi-cloud environments (AWS, Azure, GCP), ensuring secure, compliant, and seamless access for users, applications, and services. The IAM Lead Engineer will serve as a subject matter expert, driving adoption of modern identity standards and automation to support a Zero Trust security model.
Key Responsibilities
- Lead architecture, engineering, and implementation of cloud IAM solutions across AWS, Azure, and GCP.
- Manage and optimize identity platforms such as Azure Active Directory, Okta, Ping Identity, or equivalent cloud identity providers.
- Define and enforce IAM policies for authentication, authorization, and federation in cloud-native and hybrid environments.
- Automate identity lifecycle processes, including provisioning, de-provisioning, and role/attribute-based access controls.
- Implement and manage privileged access management (PAM) for cloud infrastructure and DevOps pipelines.
- Integrate SaaS and IaaS applications with enterprise IAM platforms using SAML, OAuth 2.0, OIDC, and SCIM.
- Partner with security, DevOps, and application teams to embed IAM best practices into CI/CD and cloud operations.
- Support audits and compliance initiatives (e.g., SOC 2, SOX, PCI-DSS, HIPAA, FedRAMP) with IAM evidence and controls.
- Monitor, troubleshoot, and remediate IAM issues across cloud environments to ensure availability and scalability.
- Research and implement emerging cloud IAM technologies aligned to Zero Trust and least privilege principles.
- Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
- 7+ years of experience in Identity and Access Management, with 3+ years in cloud IAM.
- Hands-on experience with cloud identity services (Azure AD, AWS IAM, AWS SSO, GCP IAM).
- Strong knowledge of authentication/federation standards: SAML, OAuth 2.0, OIDC, SCIM, LDAP, Kerberos.
- Proficiency with scripting/automation (PowerShell, Python, Terraform, or equivalent).
- Experience implementing RBAC, ABAC, and least privilege across cloud workloads.
- Familiarity with Zero Trust principles, conditional access, and MFA/Passwordless authentication.
- Strong understanding of regulatory compliance frameworks as they apply to cloud security.
- Excellent communication skills with the ability to lead cross-functional teams.
- Certifications such as Azure Security Engineer, AWS Certified Security - Specialty, or Okta Certified Professional.
- Experience with Infrastructure as Code (Terraform, CloudFormation) for IAM policy and role management.
- Prior experience integrating IAM with DevSecOps and CI/CD pipelines.
- Knowledge of identity threat detection and response (ITDR) solutions.
- Base Salary: $160,000 - $200,000 annually, based on experience and qualifications.
- Bonus: Eligible for an annual discretionary performance bonus.
- Benefits Package Includes:
  - Comprehensive medical, dental, and vision insurance
  - 401(k) retirement plan with company match
  - Paid time off (vacation, sick leave, holidays)
  - Flexible work arrangements (remote/hybrid options, depending on business needs)
  - Professional development opportunities, training, and certifications
  - Employee wellness programs and additional voluntary benefits