Job description

Job Description: Access and Identity Management team sits in the Global Information Security group whose mission is to evaluate, establish, maintain information security controls that protect the company's information and computer systems. The Cloud Identity & Access Management (IAM) Cloud Associate role is a technical position which will support IAM functions in Microsoft Azure and AWS environment(s). This includes creating and granting access to new users, non-human accounts while crafting and maintaining roles permissions and entitlements for various businesses/departments. In addition to performing user access management activities this role also requires proactive governance of all cloud environment(s) that includes reviewing stale access, handling secret rotations, reducing over-privileged access etc. Primary Duties & Responsibilities: • Drive continuous improvement within the IAM security architecture by introducing and implementing emerging security technologies and best practices. • Collaborate effectively with business and IT teams to analyze and define IAM requirements. • Liaise with Information Security, Aladdin Engineering, and business functions to deliver the target technology environment. • Create and enhance automation scripts and CI/CD pipelines to implement IAM roles, SPNs, and other IaC configurations in Azure, AWS, and GCP public cloud environments. • Utilize automation tools such as CI/CD pipelines, Azure DevOps, Terraform, and Python scripts for IAM infrastructure setup and capability deployment. • Identify gaps and recommend solutions to enhance operational efficiencies across IAM processes. • Manage user and non-human access through Azure RBAC role assignments via Privileged Identity Management (PIM). • Ensure a comprehensive understanding of onboarding enterprise applications. • Handle IAM users, policies, and roles in AWS. Required Qualifications: • Bachelor's degree in Cyber Security, Computer Science, Information systems or equivalent work experience in the IT field, with at least a portion of that time in Security related position • Minimum of 5+ years of proven experience in Access and Identity Management. • 2-4 years of extensive experience working with IAM within Microsoft Azure and Amazon Web Services (AWS) environments. • Hands-on experience with creating, modifying, and maintaining user access via Privileged Identity Management (PIM) in Microsoft Azure. • Proficient in assigning entitlements to roles and groups using Role-Based Access Control (RBAC). • Experience with application registrations and granting required permissions to non-human accounts in the cloud. • Skilled in maintaining access to management groups, subscriptions, resources, and enterprise applications. • Strong understanding of using AWS CLI, IAM users, policies, roles, terraform to deploy resources, and permission boundaries to address complex access requests within AWS. • Demonstrated knowledge of role-based access provisioning, establishing team-based roles, and assigning entitlements. • Proficiency in PowerShell and Python scripting for task automation and efficiency. • Solid grasp of cloud security governance practices and IAM policy/document preparation. • Experience working in a highly regulated and audited Information Security environment. • Knowledge of IAM activities in Google Cloud Platform (GCP) is a plus.

Requirements