AWS Cloud Infrastructure Engineer
Fully remote eligibility within the United States | Full-Time | Senior
Salary: 153,000 - 207,000 USD per year
Job Details
- Experience: 10+ years of experience in identity and access management, including 8+ years in cloud environments
- Required Skills: CI/CD
Requirements
- Bachelor’s degree in Cybersecurity, Information Systems, or equivalent experience
- 10+ years of experience in identity and access management, including 8+ years in cloud environments
- Strong hands-on experience with Keycloak and AWS IAM Identity Center for SSO and MFA implementations
- Deep knowledge of identity federation protocols including SAML, OAuth2.0, OIDC, and SCIM
- Strong expertise in RBAC, ABAC, and policy-based access control frameworks
- Experience working with federal compliance frameworks such as FedRAMP, FISMA, and NIST 800-63
- Strong understanding of PKI, digital certificates, encryption, and secure authentication mechanisms
- Familiarity with AWS security services including KMS, CloudTrail, Lambda, and API Gateway authentication
- Experience working in Agile and DevSecOps environments with CI/CD and IaC practices
- Ability to collaborate effectively with technical and executive stakeholders in a consulting-style role
Responsibilities
- Design and maintain enterprise identity architecture using Keycloak as the core identity provider and federation broker
- Implement SSO and federated authentication solutions using SAML, OAuth2.0, and OpenID Connect protocols
- Configure and integrate identity providers such as AWS IAM Identity Center, AWS Cognito, Azure AD, IBM Verify, and Keycloak
- Enforce Zero Trust Architecture principles across microservices, APIs, and cloud-native applications
- Develop and manage identity lifecycle processes including provisioning, deprovisioning, and access reviews
- Define and enforce RBAC/ABAC policies ensuring least-privilege access across users and systems
- Support compliance with NIST 800-63, FedRAMP, FISMA, and related federal security frameworks
- Design logging, monitoring, and auditing strategies for authentication and authorization events using AWS and SIEM tools
- Collaborate with DevSecOps teams to embed ICAM policies into CI/CD pipelines and infrastructure-as-code templates
- Lead identity integration design sessions and provide technical oversight for architecture, security, and vulnerability management initiatives