Booz Allen Hamilton
IAM Cloud Security Engineer
Booz Allen Hamilton, Lexington, Massachusetts, United States, 02173
Job Number: R0208845
The Opportunity:

You know that the user is the last frontier for cyber security. It's where the perimeter is drawn, and securing identities is pivotal in the fight against cybercriminals. As an IAM specialist, you have the skills and experience to keep hackers from taking data and breaking processes. We're looking for someone like you to help our clients meet their missions without disruption.

As a Cloud Security Engineer with an Identity and Access Management (IAM) focus at Booz Allen, you'll play a critical role in the world of identity and access management and zero trust. You'll interface with stakeholders and engineering teams to delve into the details and dependencies of critical processes and users' roles within them.

You'll analyze the identity lifecycle, articulating access requirements and defining enterprise identity records. You'll use your experience in IAM to design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing our clients' most valuable assets. From single sign-on to privileged access systems, you'll have the chance to implement enterprise-class solutions and stop adversaries in their tracks.

In this role, you will:

- Design and implement enterprise-wide identity and access management solutions across multi-domain cloud environments, focusing on zero-trust principles, privileged access management, and automated access governance.
- Lead the development of identity-centric security architectures, implementing fine-grained access controls, and establishing automated identity lifecycle management processes across AWS environments while maintaining DoD compliance requirements.
- Architect and implement comprehensive IAM solutions integrating AWS IAM, Azure AD, and on-premises identity providers.
- Design role-based access control (RBAC) and attribute-based access control (ABAC) frameworks.
- Develop automated user provisioning and de-provisioning workflows using AWS Organizations and Control Tower.
- Implement privileged access management (PAM) solutions and just-in-time access mechanisms.
- Create and maintain IAM policies using infrastructure as code, including AWS CDK and Terraform.
- Design federated authentication patterns and SSO implementations.
- Implement automated access reviews and certification processes.
- Develop custom IAM policy automation tools and governance frameworks.

Apply today to help us as we keep the warfighter safe.

You Have:

- 5+ years of experience with AWS IAM, Organizations, and Control Tower
- Experience with implementing RBAC and ABAC frameworks in cloud environments
- Experience with programming in Python and Node.js with focus on IAM automation
- Experience with identity federation protocols, including SAML, OIDC, or OAuth
- Experience with privileged access management (PAM) implementation and workflows
- Experience with AWS Organizations and multi-account access patterns and IaC tools, including AWS CDK and Terraform for IAM management
- Knowledge of PKI infrastructure and certificate management
- Secret clearance
- Bachelor's degree

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model

Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

- If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility.
- If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role.

EEO Commitment

We're an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change - no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.