IAM Cloud Security Engineer
4 weeks ago
IAM Cloud Security Engineer
The Opportunity:
You know that the user is the last frontier for cyber security. It's where the perimeter is drawn, and securing identities is pivotal in the fight against cybercriminals. As an IAM specialist, you have the skills and experience to keep hackers from taking data and breaking processes. We're looking for someone like you to help our clients meet their missions without disruption.
As an Cloud Security Engineer with an Identity and Access Management (IAM) focus at Booz Allen, you'll play a critical role in the world of identity and access management and zero trust. You'll interface with stakeholders and engineering teams to delve into the details and dependencies of critical processes and users' roles within them.
You'll analyze the identity lifecycle, articulating access requirements and defining enterprise identity records. You'll use your experience in IAM to design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing our clients' most valuable assets. From single sign-on to privileged access systems, you'll have the chance to implement enterprise-class solutions and stop adversaries in their tracks.
In this role, you will:
Design and implement enterprise-wide identity and access management solutions across multi-domain cloud environments, focusing on zero-trust principles, privileged access management, and automated access governance.
Lead the development of identity-centric security architectures, implementing fine-grained access controls, and establishing automated identity lifecycle management processes across AWS environments while maintaining DoD compliance requirements.
Architect and implement comprehensive IAM solutions integrating AWS IAM, Azure AD, and on-premises identity providers.
Design role-based access control (RBAC) and attribute-based access control (ABAC) frameworks.
Develop automated user provisioning and de-provisioning workflows using AWS Organizations and Control Tower.
Implement privileged access management (PAM) solutions and just-in-time access mechanisms.
Create and maintain IAM policies using infrastructure as code, including AWS CDK and Terraform.
Design federated authentication patterns and SSO implementations.
Implement automated access reviews and certification processes.
Develop custom IAM policy automation tools and governance frameworks.
Apply today to help us as we keep the warfighter safe.
Join us. The world can't wait.
You Have:
5+ years general Cloud security
2+ years of experience with AWS IAM, Organizations, and Control Tower
Experience with implementing RBAC and ABAC frameworks in cloud environments
Experience with Infrastructure code programming in Python and Node.js with focus on IAM automation
Experience with identity federation protocols, including SAML, OIDC, or OAuth and privileged access management (PAM) implementation and workflows
Experience with AWS Organizations and multi-account access patterns and IaC tools, including AWS CDK and Terraform for IAM management
Knowledge of PKI infrastructure and certificate management
Secret clearance
HS diploma or GED
Ability to obtain a DoD 8570 IAT Level II Compliance Certification within 30 days of start date
Nice If You Have:
Experience with cross-account access patterns and permission boundary frameworks
Experience with identity governance and administration (IGA) solutions and AWS IAM Access Analyzer
Experience with integrating enterprise identity providers, including Okta, Ping, or Azure AD
Experience with session policy implementation and management
Experience with developing custom IAM policy generators and validators
Experience with privileged session monitoring and recording systems
Knowledge of service control policies (SCPs) and permission guardrails
Knowledge of automated access review and certification processes
AWS Security Specialty, AWS Certified Solutions Architect Professional, ISC2 CISSP, or CertNexus Identity and Access Management Specialist Certification
Bachelor's degree
Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
Compensation
At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.
Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $84,600.00 to $193,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date.Identity Statement
As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.
Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.
- If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility.
- If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role.
EEO Commitment
We're an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change - no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.
-
Security Engineer
3 weeks ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeJob Number: R0208845IAM Cloud Security EngineerThe Opportunity: You know that the user is the last frontier for cybersecurity. It‘s where the perimeter is drawn, and securing identities is pivotal in the fight against cybercriminals. As an Identity and Access Management (IAM) Specialist, you have the skills and experience to keep hackers from taking data...
-
Cloud Security Engineer with Expertise in DevOps
3 weeks ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeWe are seeking a highly skilled Cloud Security Engineer to join our team at Booz Allen Hamilton. As a Cloud Security Engineer, you will play a key role in helping us develop and implement secure cloud-based solutions for our clients.Key ResponsibilitiesDesign and implement secure cloud architectures using AWS Cloud Computing and native AWS...
-
Kubernetes Security Architect
2 weeks ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeJob SummaryBooz Allen Hamilton seeks a Senior Kubernetes Security Engineer to develop secure runtime platforms and manage capabilities for containerized mission applications.Key ResponsibilitiesDesign and implement secure Kubernetes clusters using enterprise cloud security and secure platform management best practices.Develop and maintain Helm charts for...
-
Lead Cloud Security Architect Position
2 weeks ago
Hanscom Air Force Base, United States Sev1Tech Full timeJob Title: Lead Cloud Security ArchitectJob Description:Sev1Tech is seeking a highly experienced Lead Cloud Security Architect to join our team. As a Lead Cloud Security Architect, you will be responsible for ensuring the security of our cloud infrastructure and solutions, developing and implementing security standards and best practices, and providing...
-
Kubernetes Security Engineer, Senior
3 weeks ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeJob Number: R0208739 Kubernetes Security Engineer, Senior The Opportunity: DevSecOps engineering requires a specific mix of development, engineering, and communication expertise. As a DevSecOps Engineer, you know that these skills create efficiency and effectiveness, so you can quickly deliver the best solutions for clients. We're looking for a DevOps...
-
Kubernetes Security Engineer, Senior
2 months ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeJob Number: R0208739Kubernetes Security Engineer, Senior The Opportunity: DevSecOps engineering requires a specific mix of development, engineering, and communication expertise. As a DevSecOps Engineer, you know that these skills create efficiency and effectiveness, so you can quickly deliver the best solutions for clients. We're looking for a DevOps...
-
Cloud Security Engineer
2 weeks ago
Scott Air Force Base, Illinois, United States World Wide Technology Full timeOverviewWe are seeking a highly skilled Cloud Security Engineer to join our team at World Wide Technology. As a Cloud Security Engineer, you will play a critical role in designing and implementing secure cloud-based solutions for our clients.
-
Kubernetes Security Engineer, Senior
2 months ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeKubernetes Security Engineer, SeniorThe Opportunity:DevSecOps engineering requires a specific mix of development, engineering, and communication expertise. As a DevSecOps Engineer, you know that these skills create efficiency and effectiveness, so you can quickly deliver the best solutions for clients. We’re looking for a DevOps Engineer like you to help...
-
Security Cloud Architect
4 weeks ago
Hanscom Air Force Base, United States Insight Global Full time-5+ years of experience supporting application and infrastructure modernization from brown to green or blue to green (lift-and-shift, lift-and-modernize) -Extensive experience with cloud technologies specifically AWS-Experience with Application/Cloud value streams (utilizing repeatable CI/CD pipelines, and DevSecOps)-Experience with networking (load...
-
Lead Cloud Security Solutions Architect
2 days ago
Hanscom Air Force Base, United States Sev1Tech Full timeAbout the RoleWe are looking for a highly experienced Lead Cloud Security Solutions Architect to lead our cloud security efforts. In this role, you will be responsible for developing and implementing comprehensive security strategies for our cloud infrastructure and solutions.You will work closely with our engineering team to design and implement secure...
-
Senior AWS Cloud Engineer
4 weeks ago
Hanscom Air Force Base, United States SAIC Full timeDescription SAIC is seeking a Senior AWS Cloud Computing Engineer to join the Cloud One Digital Engineering Team. This team is responsible for the architecture, engineering and sustainment of AF Cloud Digital Engineering platform currently deployed on AWS Cloud. This work supports the Cloud One Digital Engineering program under the Air Force Lifecycle...
-
Cloud Engineer
3 weeks ago
Scott Air Force Base, United States Logistics Management Institute Full timeOverview LMI is seeking a cloud engineer to perform information technology related requirements as part of an integrated team supporting for the Department of Defense, United States Transportation Command. The position requires proficiency in AWS services with a focus on CDK, Typescript, and JavaScript. Work will be performed at Scott AFB, IL and in the...
-
Network Security Engineer
3 weeks ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeJob Number: R0209099Cloud Network Security EngineerThe Opportunity:Everyone is trying to ‘harness the power of the cloud,‘ but not everyone knows how. As a Cloud Security Engineer, you know how to take advantage of cloud capabilities. On our team of experts, you‘ll usecutting-edge enterprise cloud platforms tosupportyour clientsas theymodernize their...
-
Senior Cloud Security Manager
2 days ago
Hanscom Air Force Base, United States Sev1Tech Full timeJob DescriptionWe are seeking a highly skilled Senior Cloud Security Manager to join our team at Sev1Tech. As a senior leader in cloud security, you will be responsible for overseeing the development and implementation of cloud security strategies and policies.You will work closely with our leadership team to ensure that our cloud-based solutions meet the...
-
Security Engineer
7 days ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeJob Number: R0208913General Cloud Security EngineerThe Opportunity:Are you looking for an opportunity to share your experience in cloud security to safeguard our nation? As a Cloud Security Engineer, you will lead the technical implementation of security solutions using Infrastructure as Code (IaC) and security automation frameworks. We need your experience...
-
Cloud Engineering Lead
3 days ago
Hanscom Air Force Base, United States Insight Global Full timeAbout the RoleWe are seeking a Cloud Engineering Lead to support our clients in Lexington, MA. As a Cloud Engineering Lead, you will be responsible for managing technical baselines, designing system-level tests, and ensuring that subsystems and system performance meet approved specifications.Your primary focus will be on conducting program reviews to...
-
Cloud Infrastructure Specialist
2 weeks ago
Scott Air Force Base, Illinois, United States Logistics Management Institute Full timeJob OverviewLMI is seeking a Cloud Engineer to support the Department of Defense, United States Transportation Command. This role requires proficiency in AWS services with a focus on CDK, Typescript, and JavaScript.We are reimagining the path from insight to outcome at The New Speed of PossibleTM. Combining a legacy of over 60 years of federal expertise with...
-
Cross Domain Solution Engineer
2 days ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeCross Domain Solution EngineerThe Opportunity:Everyone knows security needs to be “baked in” to a system architecture—you actually know how to bake it in. You can identify and implement ways to harden systems and reduce their attack surface. What if you could use your skills to design and develop secure systems for the Air Force? We’re looking for a...
-
Cyber Security Specialist III
2 weeks ago
Hanscom Air Force Base, United States General Dynamics Information Technology Full timeAbout the Job:General Dynamics Information Technology (GDIT) is seeking a highly skilled Cyber Security Specialist III to join our team. As a key member of our security team, you will be responsible for ensuring the operational security posture of an information system and collaborating with the ISSM and ISO.Key Responsibilities:Manage the security aspects...
-
Application Security Engineer
2 days ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeApplication Security EngineerThe Opportunity:As a cyber professional, you know that understanding adversary tactics, techniques, and procedures is vital to producing the intel that enables the success of mission owners. At Booz Allen, you can apply your skills and broad knowledge to inform strategies and mitigate the most pressing vulnerabilities. Here, you...