HCLTech

Cloud Security Engineers - Identity & Access Management, Vault, Cloud & Kubernet

HCLTech, Frisco, Texas, United States, 75034


Cloud Security Engineer - Identity & Access Management, Vault, Cloud & Kubernetes

Location: Frisco, TX / Bothell, WA

Deep understanding of and experience implementing Microsoft EntraID/Azure AD integrated with Kubernetes for access, authorization, and application registration and control
IAM Policy as code: OPA - Open Policy Agent (Styra Enterprise version of OPA); Cedar - AWS open-source policy agent
Strong knowledge of hybrid cloud, AWS, GCP, Azure and EntraID/Azure AD, OpenShift, OpenStack Keystone
Hands-on experience with HashiCorp Vault, CyberArk or similar (PAM, secrets, certificate management platform)
Responsible for analysis, design and implementation coordination for tool and service designs within the cloud identity domain.

Required skills

Deep understanding of cloud computing principles, including virtualization, containerization, microservices, and serverless computing; risk management, RHCOS security, container security, Kubernetes security, IAM security, network security, auditing, encryption, secrets management and data protection, securing CI/CD
IAM Policy as code: OPA - Open Policy Agent (Styra Enterprise version of OPA); Cedar - AWS open-source policy agent
Experience implementing Zero Trust architectures
Excellent problem-solving, analytical, and communication skills.
Ability to work independently and collaboratively in a fast-paced, agile environment.
Create Identity & Access as code, leveraging tools such as Ansible and Terraform to provision in cloud
Analyze environments to identify both technical and operational challenges while making recommendations and developing solutions for improvement
Lead complex or high-severity troubleshooting and incident/problem resolutions with other security or cloud teams
Maintain knowledge of current developments in identity and cybersecurity pertaining to threats to IT environments
Bachelor's degree in IT, Cybersecurity or related field, or equivalent experience
5+ years of experience in information security, with 4+ years of experience in Identity and Access Management
3+ years of cloud IAM and security experience.
Strong knowledge of hybrid cloud, AWS, GCP, Azure and EntraID/Azure AD, OpenShift, OpenStack Keystone
Hands-on experience with HashiCorp Vault, CyberArk or similar (PAM, secrets, certificate management platform)
Advanced knowledge of Identity Security concepts, least privilege, separation of duties, and Zero Trust design principles
Experience implementing Kubernetes RBAC access controls
Understanding of federation technologies (WS-Fed, OAuth, OpenID Connect, SAML) and of encryption technologies (encryption types and protocols/standards)
RBAC-based access for cluster namespaces
Vulnerability and threat management
Professional certifications: CIMP, CIAM, CISSP