Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy
Jobs / Job page
IAM Cloud Security Engineer image - Rise Careers
Job details

IAM Cloud Security Engineer

Job Number: R0208845IAM Cloud Security EngineerThe Opportunity:You know that the user is the last frontier for cybersecurity. It's where the perimeter is drawn, and securing identities is pivotal in the fight against cybercriminals. As an Identity and Access Management (IAM) Specialist, you have the skills and experience to keep hackers from taking data and breaking processes. We're looking for someone like you to help our clients meet their missions without disruption.As a Cloud Security Engineer with an IAM focus at Booz Allen, you'll play a critical role in the world of IAM and zero trust. You'll interface with stakeholders and engineering teams to delve into the details and dependencies of critical processes and users' roles within them.You'll analyze the identity lifecycle, articulating access requirements and defining enterprise identity records. You'll use your experience in IAM to design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing our clients' most valuable assets. From single sign-on to privileged access systems, you'll have the chance to implement enterprise-class solutions and stop adversaries in their tracks.What You'll Work On:• Design and implement enterprise-wide IAM solutions across multi-domain cloud environments, focusing on zero-trust principles, privileged access management, and automated access governance.• Lead the development of identity-centric security architectures, implementing fine-grained access controls, and establishing automated identity lifecycle management processes across AWS environments while maintaining DoD compliance requirements.• Architect and implement comprehensive IAM solutions integrating AWS IAM, Azure AD, and on-premises identity providers.• Design role-based access control (RBAC) and attribute-based access control (ABAC) frameworks.• Develop automated user provisioning and de-provisioning workflows using AWS Organizations and Control Tower.• Implement privileged access management (PAM) solutions and just-in-time access mechanisms.• Assist with creating and maintaining IAM policies using infrastructure as code, including AWS CDK and Terraform.• Design federated authentication patterns and SSO implementations.• Implement automated access reviews and certification processes.• Develop custom IAM policy automation tools and governance frameworks.Apply today to help us as we keep the warfighter safe.Join us. The world can't wait.You Have:• 5+ years of experience with general Cloud security• 2+ years of experience with AWS IAM, Organizations, and Control Tower• Experience implementing RBAC and ABAC frameworks in cloud environments• Experience with infrastructure code programming in Python and Node.js• Experience with identity federation protocols, including SAML, OIDC, or OAuth, and PAM implementation and workflows• Experience with AWS organizations and multi-account access patterns and IaC tools, including AWS CDK and Terraform for IAM management• Knowledge of PKI infrastructure and certificate management• Secret clearance• HS diploma or GED• Ability to obtain a DoD 8570 IAT Level II Compliance Certification within 30 days of start dateNice If You Have:• Experience with cross-account access patterns and permission boundary frameworks• Experience with identity governance and administration (IGA) solutions and AWS IAM Access Analyzer• Experience integrating enterprise identity providers, including Okta, Ping, or Azure AD• Experience with session policy implementation and management• Experience developing custom IAM policy generators and validators• Experience with privileged session monitoring and recording systems• Knowledge of service control policies (SCPs) and permission guardrails• Knowledge of automated access review and certification processes• Bachelor's degree• AWS Security Specialty, AWS Certified Solutions Architect Professional, ISC2 CISSP, or CertNexus Identity and Access Management Specialist CertificationClearance:Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.CompensationAt Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $84,600.00 to $193,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date.Identity StatementAs part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.Work ModelOur people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.• If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility.• If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role.EEO CommitmentWe're an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change - no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.
Booz Allen Hamilton Glassdoor Company Review
4.2 Glassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star icon Glassdoor star icon
Booz Allen Hamilton DE&I Review
4.4 Glassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star icon Glassdoor star icon
CEO of Booz Allen Hamilton
Booz Allen Hamilton CEO photo
Horacio D. Rozanski
Approve of CEO

Average salary estimate

Estimate provided by employer
$100001 / ANNUAL (est.)
min
max
$80K
$120K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About IAM Cloud Security Engineer, Booz Allen Hamilton

If you're an experienced IAM Cloud Security Engineer seeking an exciting opportunity at Booz Allen in Hanscom AFB, MA, this role might be perfect for you! You'll be at the forefront of identity and access management, working to safeguard user identities against cyber threats. Your days will be filled with important responsibilities such as designing and implementing robust IAM solutions across cloud environments while adhering to zero-trust principles. At Booz Allen, you’ll collaborate with various stakeholders and engineering teams, addressing their exact needs and ensuring that our clients can operate seamlessly and without disruption. You will help evaluate and articulate the identity lifecycle, which involves defining access requirements and establishing comprehensive enterprise identity records. Plus, you'll have the chance to architect IAM frameworks that utilize AWS IAM, Azure AD, and even integrate on-premises identity providers to create a secure and efficient user experience. As you delve into implementing advanced access controls and automated identity lifecycle management processes, you’ll find that your work has a direct impact on the warfighter's safety and security. If you're ready to tackle a challenge where your skills and experience can make a significant difference, apply today at Booz Allen!

Frequently Asked Questions (FAQs) for IAM Cloud Security Engineer Role at Booz Allen Hamilton
What are the primary responsibilities of an IAM Cloud Security Engineer at Booz Allen?

As an IAM Cloud Security Engineer at Booz Allen, your main responsibilities will include designing and implementing enterprise-wide IAM solutions that prioritize zero-trust principles, as well as leading the development of identity-centric security architectures. You will oversee the development of fine-grained access controls and automated identity lifecycle management processes, ensuring compliance with DoD standards.

Join Rise to see the full answer
What qualifications do I need to work as an IAM Cloud Security Engineer at Booz Allen?

To be a successful IAM Cloud Security Engineer at Booz Allen, candidates should have a minimum of 5 years experience in cloud security and 2 years in AWS IAM. Additionally, familiarity with RBAC and ABAC frameworks, as well as experience in infrastructure code programming using Python and Node.js, is essential. A secret clearance and the ability to obtain a DoD 8570 IAT Level II Compliance Certification within the first month of employment are also required.

Join Rise to see the full answer
What skills are essential for an IAM Cloud Security Engineer role at Booz Allen?

Essential skills for the IAM Cloud Security Engineer position at Booz Allen include expertise in identity federation protocols like SAML and OIDC, as well as extensive knowledge of AWS organizations and multi-account access patterns. Candidates should also have hands-on experience with automation tools like Terraform and AWS CDK for IAM management, alongside strong analytical and problem-solving abilities.

Join Rise to see the full answer
How does Booz Allen support the career development of IAM Cloud Security Engineers?

Booz Allen values the professional growth of its employees, offering numerous pathways for career development for IAM Cloud Security Engineers. This includes access to training programs, tuition assistance for further education, and opportunities to participate in workshops and conferences to stay updated with industry trends and technologies.

Join Rise to see the full answer
What is the work environment like for IAM Cloud Security Engineers at Booz Allen?

The work environment for IAM Cloud Security Engineers at Booz Allen is collaborative and flexible. The company embraces a people-first culture, allowing employees to work both in-person and remotely as needed. This model encourages open communication and teamwork while ensuring that individuals can achieve a healthy work-life balance.

Join Rise to see the full answer
Common Interview Questions for IAM Cloud Security Engineer
Can you describe your experience with AWS IAM in a cloud security context?

In your answer, highlight specific projects or responsibilities where you implemented AWS IAM policies, how you structured access control, and the outcomes of your initiatives. Be sure to touch on your understanding of IAM best practices and any security protocols you followed.

Join Rise to see the full answer
What is your approach to implementing zero-trust principles in IAM solutions?

Explain your understanding of zero-trust architecture and how you would apply it in IAM scenarios. It can be beneficial to discuss methods for rigorous identity verification, least privilege access, and continuous monitoring within your response.

Join Rise to see the full answer
How do you stay updated with advancements in cloud security technologies?

Mention resources you utilize such as industry blogs, online courses, webinars, or professional networks. It's important to illustrate your commitment to continuous learning and improvement in the ever-evolving field of cloud security.

Join Rise to see the full answer
Describe a challenging IAM project you've worked on and how you overcame obstacles.

Identify a specific project and detail the challenges you faced, the strategies or technologies you implemented to resolve those issues, and the success you achieved. This provides insight into your problem-solving skills and resilience.

Join Rise to see the full answer
What experience do you have with role-based access control (RBAC) and attribute-based access control (ABAC)?

Discuss your familiarity and hands-on experience with designing and implementing both RBAC and ABAC frameworks. Be specific about how these controls have enhanced security and user access management in past projects.

Join Rise to see the full answer
How do you approach automated identity lifecycle management?

Explain your experience with automating user provisioning and de-provisioning, along with any tools you've used to streamline these processes. Discuss the importance of automation in enhancing security and operational efficiency.

Join Rise to see the full answer
What role does privileged access management (PAM) play in your IAM strategy?

Talk about how PAM is critical to minimize risks associated with privileged accounts. Provide examples of tools or processes you've used to manage privileged access effectively in previous roles.

Join Rise to see the full answer
Can you explain your experience with identity federation protocols like SAML or OIDC?

Highlight your practical knowledge of these protocols, discussing specific scenarios where you implemented them for seamless authentication and secure access across different domains or applications.

Join Rise to see the full answer
What strategies do you use for conducting automated access reviews?

Share your approach to setting up automated access reviews and certification processes, including tools you have employed and how these practices contribute to maintaining security and compliance.

Join Rise to see the full answer
Similar Jobs
Photo of the Rise User
Posted 8 days ago
Photo of the Rise User
Leidos Hybrid District Heights, MD
Posted 2 days ago
Photo of the Rise User
Inclusive & Diverse
Rise from Within
Mission Driven
Diversity of Opinions
Work/Life Harmony
Take Risks
Collaboration over Competition
Growth & Learning
Transparent & Candid
Customer-Centric
Social Impact Driven
Rapid Growth
Passion for Exploration
Dare to be Different
Reward & Recognition
Friends Outside of Work
Medical Insurance
Dental Insurance
Vision Insurance
Mental Health Resources
Life insurance
Disability Insurance
Health Savings Account (HSA)
Flexible Spending Account (FSA)
Conferences Stipend
Bias Training
Employee Resource Groups
401K Matching
Paternity Leave
Maternity Leave
Some Meals Provided
Social Gatherings
Photo of the Rise User
HackerOne Remote No location specified
Posted 9 days ago
Photo of the Rise User
Posted 6 days ago

Empower people to change the world.

226 jobs
MATCH
Calculating your matching score...
FUNDING
SENIORITY LEVEL REQUIREMENT
TEAM SIZE
EMPLOYMENT TYPE
Full-time, on-site
DATE POSTED
December 5, 2024

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!