Summary
Join T-Rex Solutions as a Senior IAM Engineer to support the US Department of the Treasury's TCloud enterprise cloud development. This role focuses on managing and securing AWS environments, designing and implementing IAM policies, and ensuring compliance with security standards. You will analyze existing policies, create Service Control Policies (SCPs), and collaborate with cross-functional teams. The ideal candidate possesses strong IAM expertise, understands role trust policies, and has experience with various cloud platforms. This position requires a Bachelor's degree and 7+ years of experience, or 11+ years of experience in lieu of a degree. A Public Trust clearance is required.
Requirements
- Bachelor's Degree and at least 7 years of experience
- 11 years of experience in lieu of a degree
- Must be a U.S. citizen
- Must be able to obtain a Public Trust clearance to start
- Experience working with IAM technologies, such as AWS IAM, Active Directory, Azure AD, Okta, or similar IAM tools
- Knowledge of security protocols such as SAML, OAuth, OpenID Connect, LDAP, and other identity-related standards
- Understanding of user access control models, such as Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC)
- Experience supporting cloud platforms (AWS, Azure, Google Cloud) and how IAM integrates with cloud environments
- Strong verbal, written, interpersonal, troubleshooting, and analytical skills
Responsibilities
- Design, implement, and manage IAM policies, roles, and users within the AWS environment
- Create and evaluate IAM policies, trust policies, and SCPs to ensure secure access to AWS resources
- Analyze policy statements service by service to identify excessive permissions or potential impacts to guardrails
- Scope IAM policies to specific resources or conditions to maintain the principle of least privilege
- Conduct regular audits and reviews of IAM policies to ensure compliance with security best practices and organizational policies
- Collaborate with cross-functional teams to integrate IAM best practices into development and operational workflows
- Develop and maintain documentation for IAM policies, procedures, and configurations
- Respond to security incidents and perform root cause analysis to prevent future occurrences
- Stay updated on AWS IAM services and industry best practices to ensure our environment is secure and compliant
- Use AWS services like CloudTrail, CloudWatch, and Access Analyzer to audit existing policies and recommend changes based on actual usage
- Help us review IAM changes that are needed when adding new services to the approved service catalog
Preferred Qualifications
- AWS or relevant cloud certifications
- Experience with Azure, OCI or GCP cloud infrastructure
- Experience with scripting languages (e.g., Python, Bash)
- Agile, Scrum, JIRA, ServiceNow
Benefits
- PTO available to use immediately upon joining (prorated based on start date)
- Paid parental leave
- Individual and family health, vision, and dental benefits
- Annual budget for training, professional development and tuition reimbursement
- A 401(k) plan with company match fully vested after 60 days of employment