Cloud Security Engineer

Gridiron IT Solutions

Yesterday
Secret
Mid Level Career (5+ yrs experience)
$125,000 - $150,000
IT - Security
Langley Air Force Base, VA (On-Site/Office); Hanscom AFB, MA (On-Site/Office)

IAM Cloud Security Engineer
Location: Hanscom AFB MA, Langley AFB VA
Work Type: Onsite
Remote Work: No
Job Description

You know that the user is the last frontier for cybersecurity. It’s where the perimeter is drawn, and securing identities is pivotal in the fight against cybercriminals. As an Identity and Access Management (IAM) Specialist, you have the skills and experience to keep hackers from taking data and breaking processes. We’re looking for someone like you to help our clients meet their missions without disruption.

As a Cloud Security Engineer with an IAM focus, you’ll play a critical role in the world of IAM and zero trust. You’ll interface with stakeholders and engineering teams to delve into the details and dependencies of critical processes and users’ roles within them.

You’ll analyze the identity lifecycle, articulating access requirements and defining enterprise identity records. You’ll use your experience in IAM to design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing our clients’ most valuable assets. From single sign-on to privileged access systems, you’ll have the chance to implement enterprise-class solutions and stop adversaries in their tracks.

Responsibilities

Design and implement enterprise-wide IAM solutions across multi-domain cloud environments, focusing on zero-trust principles, privileged access management, and automated access governance.
Lead the development of identity-centric security architectures, implementing fine-grained access controls, and establishing automated identity lifecycle management processes across AWS environments while maintaining DoD compliance requirements.
Architect and implement comprehensive IAM solutions integrating AWS IAM, Azure AD, and on-premises identity providers.
Design role-based access control (RBAC) and attribute-based access control (ABAC) frameworks.
Develop automated user provisioning and de-provisioning workflows using AWS Organizations and Control Tower.
Implement privileged access management (PAM) solutions and just-in-time access mechanisms.
Assist with creating and maintaining IAM policies using infrastructure as code, including AWS CDK and Terraform.
Design federated authentication patterns and SSO implementations.
Implement automated access reviews and certification processes.
Develop custom IAM policy automation tools and governance frameworks.
Qualifications

5+ years of experience with general cloud security
2+ years of experience with AWS IAM, Organizations, and Control Tower
Experience implementing RBAC and ABAC frameworks in cloud environments
Experience with infrastructure code programming in Python and Node.js
Experience with identity federation protocols, including SAML, OIDC, or OAuth, and PAM implementation and workflows
Experience with AWS Organizations and multi-account access patterns and IaC tools, including AWS CDK and Terraform for IAM management
Knowledge of PKI infrastructure and certificate management
Secret clearance
HS diploma or GED
Ability to obtain a DoD 8570 IAT Level II Compliance Certification within 30 days of start date
Additional Qualifications

Experience with cross-account access patterns and permission boundary frameworks
Experience with identity governance and administration (IGA) solutions and AWS IAM Access Analyzer
Experience integrating enterprise identity providers, including Okta, Ping, or Azure AD
Experience with session policy implementation and management
Experience developing custom IAM policy generators and validators
Experience with privileged session monitoring and recording systems
Knowledge of service control policies (SCPs) and permission guardrails
Knowledge of automated access review and certification processes
Bachelor's degree
AWS Security Specialty, AWS Certified Solutions Architect Professional, ISC2 CISSP, or CertNexus Identity and Access Management Specialist Certification
Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

Compensation and Benefits
Salary Range: $90,000 - $195,000 (Compensation is determined by various factors, including but not limited to location, work experience, skills, education, certifications, seniority, and business needs. This range may be modified in the future.)

Benefits: Gridiron offers a comprehensive benefits package including medical, dental, vision insurance, HSA, FSA, 401(k), disability & ADD insurance, life and pet insurance to eligible employees. Full-time and part-time employees working at least 30 hours per week on a regular basis are eligible to participate in Gridiron’s benefits programs.

Gridiron IT Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status.

Gridiron IT is a Women Owned Small Business (WOSB) headquartered in the Washington, D.C. area that supports our clients' missions throughout the United States. Gridiron IT specializes in providing comprehensive IT services tailored to meet the needs of federal agencies. Our capabilities include IT Infrastructure & Cloud Services, Cyber Security, Software Integration & Development, Data Solution & AI, and Enterprise Applications. These capabilities are backed by Gridiron IT's experienced workforce and our commitment to ensuring we meet and exceed our clients' expectations.