IAM Engineer Cloud Security Engineer
Share
Job Location:
Dallas, IA - USA
Monthly Salary:
Not Disclosed
Posted on:
4 hours ago
Vacancies:
1 Vacancy
Job Summary
Job Title: IAM Engineer/ Cloud Security Engineer
Location: Dallas TX
Duration: 1 Year
Location: Dallas TX
Duration: 1 Year
Job Description:
We are seeking a seasoned IAM & Cloud Security Engineer to drive the secure migration of identity access and security workloads from AWS to Azure and GCP while establishing Policy-as-Code (PaC) and IAM Infrastructure-as-Code (IaC) automation frameworks.
This role combines deep technical expertise in cloud IAM policy governance CI/CD automation and infrastructure security. You will define implement and operationalize a unified security automation pipeline across Azure and GCP environments for Smart TV and Mobile Cloud infrastructure workloads.
You will collaborate closely with DevOps Cloud Platform and Security Architecture teams to ensure secure-by-design implementations and compliance alignment across all environments.
Key Responsibilities:
Identity and Access Management (IAM) Migration
Lead IAM migration from AWS IAM policies roles and groups to Azure Active Directory Azure RBAC and GCP IAM roles and bindings.
Develop Terraform IaC modules to automate IAM resource creation across Azure and GCP environments.
Ensure the least privilege and separation of duties principles are enforced in all IAM configurations.
Integrate cloud identity providers (Azure AD Cloud Identity) with corporate SSO (SAML/OIDC).
Establish service identities workload identities and managed identities for CI/CD and application workloads.
Policy-as-Code (PaC) Governance
Define and implement Policy-as-Code frameworks to enforce cloud governance and compliance baselines in Azure and GCP.
Develop and maintain PaC pipelines using Terraform Sentinel OPA (Open Policy Agent) or Azure Policy.
Establish CI/CD pipelines for Policy-as-Code validation testing and deployment.
Provide guidance and best practices for developing reusable and scalable PaC modules.
Implement policy version control exception management and automated compliance enforcement.
Collaborate with security architects to define policy coverage requirements (IAM networking encryption storage and tagging).
CI/CD and Automation for Security & IAM
Design and establish CI/CD pipelines for IAM IaC and Policy-as-Code deployments across Azure DevOps GitHub Actions and Google Cloud Build.
Automate security control deployments using Terraform including IAM roles key management and network policies.
Integrate policy compliance checks into the CI/CD flow for both infrastructure and application security pipelines.
Build reusable Terraform pipelines to enforce consistent security posture across environments.
Establish pipeline security gates (pre-deployment and post-deployment) for IAM and PaC changes.
Security Workload Migration (AWS Azure & GCP)
Migrate security workloads such as WAF configurations key management (KMS) and security analytics from AWS to Azure and GCP.
Develop IaC for host infrastructure and application security controls in target clouds.
Map AWS security services (IAM KMS WAF GuardDuty) to Azure Security Center Defender for Cloud and GCP Security Command Center equivalents.
Recreate AWS Config Rules and SCPs as Azure Policies and GCP Organization Policies.
Ensure encryption secrets management and logging solutions are replicated or enhanced in target platforms.
Participate in testing validation and audit readiness for migrated security components.
Security Monitoring Compliance & DR Integration
Integrate monitoring and alerting with Azure Monitor GCP Operations Suite and SIEM tools.
Enable IAM and security event logging via Azure Activity Logs GCP Audit Logs and Cloud Logging.
Contribute to Disaster Recovery (DR) security alignment-ensuring IAM policy and encryption configurations are recoverable and consistent across regions.
Maintain auditability and compliance mapping (ISO 27001 NIST SOC 2)
Migrate security workloads such as WAF configurations key management (KMS) and security analytics from AWS to Azure and GCP.
Develop IaC for host infrastructure and application security controls in target clouds.
Map AWS security services (IAM KMS WAF GuardDuty) to Azure Security Center Defender for Cloud and GCP Security Command Center equivalents.
Recreate AWS Config Rules and SCPs as Azure Policies and GCP Organization Policies.
Ensure encryption secrets management and logging solutions are replicated or enhanced in target platforms.
Participate in testing validation and audit readiness for migrated security components.
Security Monitoring Compliance & DR Integration
Integrate monitoring and alerting with Azure Monitor GCP Operations Suite and SIEM tools.
Enable IAM and security event logging via Azure Activity Logs GCP Audit Logs and Cloud Logging.
Contribute to Disaster Recovery (DR) security alignment-ensuring IAM policy and encryption configurations are recoverable and consistent across regions.
Maintain auditability and compliance mapping (ISO 27001 NIST SOC 2)
Keywords: IAM Azure ZWS SSO CI/CD SIEM SAML
Key Skills
- Splunk
- IDS
- Network security
- Computer Networking
- Identity & Access Management
- PKI
- PCI
- NIST Standards
- Security System Experience
- Information Security
- Encryption
- Siem
