IAM Developer – AWS

at ACS Solutions
Location Deerfield, IL
Date Posted May 19, 2021
Category Default
Job Type Full-time


Description: Identity Access Management (IAM) Developer - Cloud AWS
Can work 100% Remote / US Hours

12 Months Contract

Subject matter expert in the design, development and implementation of identity and access management (IAM) solutions to support critical systems, products and business programs. Responsible for information security processes & controls to protect the confidentiality, integrity and availability of personal and health information, as well as corporate data. Hands-on, active member of the team, helping to drive business and security objectives forward.

7+ years of software development and coding experience in programming languages such as Python, Java, .NET, PowerShell, SQL, XML, JSON. Experience with various open source software and development tools.

Experience with AWS IAM, KMS & security, identity, & compliance services is required. Additional experience with enterprise access management (Okta, AzureAD, Auth0, AD/LDAP), identity governance & administration (SailPoint, Saviynt, Oracle), privileged access management (Thycotic, Centrify, CyberArk) tools is preferred.

Experience in automating & implementing identity & security solutions for cloud infrastructure (AWS, Azure), SaaS deployment (Office 365, Salesforce, Workday) and on-premise IT landscapes. DevSecOps experience is a plus

Subject matter expert on enterprise web & mobile application technologies, security and identity services and solution architecture.

Knowledge of typical enterprise identity life cycle management processes and standards.

Excellent oral and written communication skills including ability to interact effectively with developer community, technical staff, vendors, project stakeholders and senior management.

Ability to work independently and cross-functionally supporting various integration and implementation projects.

Excellent analytical, problem solving, time management and task prioritization skills.

Experience working in large, complex, global environment, healthcare industry and regulatory controls such as HIPAA, GDPR, FDA, GxP, SOX is a plus.

Bachelor's degree in Computer Science or higher, and/or equivalent experience.

Key Responsibilities:

Responsible for the execution of enterprise-wide identity and access management strategy, design and implementation of authentication, authorization, and administration capabilities of end-user and privileged accounts (admin, service etc.) in products, systems and infrastructure in the enterprise and cloud.

Responsible for the automation and implementation (including writing codes & scripts) of account provisioning, access review, sign-on, multi-factor authentication capabilities with identity protocols (SAML 2.0, WS-Federation, OpenID Connect, OAuth, SCIM, API etc.) to support identity federation and robust access control models (RBAC, ABAC).

Define, review and onboarding of group/role, access policies (least privilege, step-up MFA with conditions) across multiple platforms, including but not limited to AWS, Okta, Thycotic, Centrify, SailPoint, Active Directory, O365

Subject matter expert on security design and solution development in various security technologies (IAM, Encryption, PKI, Enterprise KMS/HSM, Certificate Manager, Web Application Firewall, Security Compliance tool etc.)

Experience with AWS Cloud Security, Identity and Compliance service, Red Hat Enterprise Linux operating system, AMI, scripting experience - preferably with bash, python, CloudFormation script and RESTful APIs.

Responsible for the integration of IAM platform with SIEM, CASB, EMM and other external systems.

Support the access governance and periodic access review & recertification of privileged accounts (admin, service) in management portal, operating systems and databases in AWS, Azure and onPrem

Lead and/or participate in the evaluation and testing of new & emerging (disruptive) security technology (e.g. blockchain) both "on paper" and technical "proof of concept".

Perform security assessment, system documentation and other tasks as assigned.