IAM Cloud Security Engineer
8 hours ago
IAM Cloud Security Engineer
The Opportunity:
You know that the user is the last frontier for cyber security. It's where the perimeter is drawn, and securing identities is pivotal in the fight against cybercriminals. As an IAM specialist, you have the skills and experience to keep hackers from taking data and breaking processes. We're looking for someone like you to help our clients meet their missions without disruption.
As an Cloud Security Engineer with an Identity and Access Management (IAM) focus at Booz Allen, you'll play a critical role in the world of identity and access management and zero trust. You'll interface with stakeholders and engineering teams to delve into the details and dependencies of critical processes and users' roles within them.
You'll analyze the identity lifecycle, articulating access requirements and defining enterprise identity records. You'll use your experience in IAM to design, deploy, and support systems that verify appropriate user privileges and manage credentials for accessing our clients' most valuable assets. From single sign-on to privileged access systems, you'll have the chance to implement enterprise-class solutions and stop adversaries in their tracks.
In this role, you will:
Design and implement enterprise-wide identity and access management solutions across multi-domain cloud environments, focusing on zero-trust principles, privileged access management, and automated access governance.
Lead the development of identity-centric security architectures, implementing fine-grained access controls, and establishing automated identity lifecycle management processes across AWS environments while maintaining DoD compliance requirements.
Architect and implement comprehensive IAM solutions integrating AWS IAM, Azure AD, and on-premises identity providers.
Design role-based access control (RBAC) and attribute-based access control (ABAC) frameworks.
Develop automated user provisioning and de-provisioning workflows using AWS Organizations and Control Tower.
Implement privileged access management (PAM) solutions and just-in-time access mechanisms.
Create and maintain IAM policies using infrastructure as code, including AWS CDK and Terraform.
Design federated authentication patterns and SSO implementations.
Implement automated access reviews and certification processes.
Develop custom IAM policy automation tools and governance frameworks.
Apply today to help us as we keep the warfighter safe.
Join us. The world can't wait.
You Have:
5+ years general Cloud security
2+ years of experience with AWS IAM, Organizations, and Control Tower
Experience with implementing RBAC and ABAC frameworks in cloud environments
Experience with Infrastructure code programming in Python and Node.js with focus on IAM automation
Experience with identity federation protocols, including SAML, OIDC, or OAuth and privileged access management (PAM) implementation and workflows
Experience with AWS Organizations and multi-account access patterns and IaC tools, including AWS CDK and Terraform for IAM management
Knowledge of PKI infrastructure and certificate management
Secret clearance
HS diploma or GED
Ability to obtain a DoD 8570 IAT Level II Compliance Certification within 30 days of start date
Nice If You Have:
Experience with cross-account access patterns and permission boundary frameworks
Experience with identity governance and administration (IGA) solutions and AWS IAM Access Analyzer
Experience with integrating enterprise identity providers, including Okta, Ping, or Azure AD
Experience with session policy implementation and management
Experience with developing custom IAM policy generators and validators
Experience with privileged session monitoring and recording systems
Knowledge of service control policies (SCPs) and permission guardrails
Knowledge of automated access review and certification processes
AWS Security Specialty, AWS Certified Solutions Architect Professional, ISC2 CISSP, or CertNexus Identity and Access Management Specialist Certification
Bachelor's degree
Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required.
Compensation
At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.
Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $84,600.00 to $193,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date.Identity Statement
As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.
Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.
- If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility.
- If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role.
EEO Commitment
We're an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change - no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.
-
Kubernetes Security Engineer, Senior
2 weeks ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeJob Number: R0208739Kubernetes Security Engineer, Senior The Opportunity: DevSecOps engineering requires a specific mix of development, engineering, and communication expertise. As a DevSecOps Engineer, you know that these skills create efficiency and effectiveness, so you can quickly deliver the best solutions for clients. We're looking for a DevOps...
-
Kubernetes Security Engineer, Senior
3 weeks ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeKubernetes Security Engineer, SeniorThe Opportunity:DevSecOps engineering requires a specific mix of development, engineering, and communication expertise. As a DevSecOps Engineer, you know that these skills create efficiency and effectiveness, so you can quickly deliver the best solutions for clients. We’re looking for a DevOps Engineer like you to help...
-
Cloud Security Architect
2 weeks ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeJob Number: R0209100Cloud Security Architect The Opportunity: Everyone is trying to "harness the cloud," but not everyone knows how to secure it. As a Cloud Security Architect, you know how to design and implement requirements that ensure the safety of cloud-based systems and protect them against intentional or inadvertent access or destruction. What if you...
-
Senior AWS Cloud Engineer
1 hour ago
Hanscom Air Force Base, United States SAIC Full timeDescription SAIC is seeking a Senior AWS Cloud Computing Engineer to join the Cloud One Digital Engineering Team. This team is responsible for the architecture, engineering and sustainment of AF Cloud Digital Engineering platform currently deployed on AWS Cloud. This work supports the Cloud One Digital Engineering program under the Air Force Lifecycle...
-
Senior Azure Cloud Engineer
3 weeks ago
Hanscom Air Force Base, United States SAIC Full timeDescription SAIC is seeking a Senior Azure Cloud Engineer to join the USAF Cloud One contract team to work in Impact Level 2-6. This candidate will be part of a team responsible for the architecture design/planning, automation, management, support, and oversight of the Cloud One Azure environments. The Senior Azure Cloud Engineer will be supporting the...
-
Senior Azure Cloud Engineer
3 weeks ago
Hanscom Air Force Base, United States SAIC Full timeDescription SAIC is seeking a Senior Azure Cloud Engineer to join the USAF Cloud One contract team to work in Impact Level 2-6. This candidate will be part of a team responsible for the architecture design/planning, automation, management, support, and oversight of the Cloud One Azure environments. The Senior Azure Cloud Engineer will be supporting the...
-
Cloud Solutions Architect
4 weeks ago
Scott Air Force Base, Illinois, United States SAIC Full timeJob SummarySAIC is seeking a highly skilled Cloud Engineer to support an IT Service Management effort for USTRANSCOM located at Scott Air Force Base (AFB) in Illinois.The successful candidate will provide technical leadership and hands-on development and implementation of commercial cloud solution architectures that modernize the way our customers architect,...
-
Sr. Network and Cyber Architect
3 months ago
Hanscom Air Force Base, United States Abacus Technology Corporation Full timeOverviewAbacus Technology is seeking a Sr. Network and Cyber Architect to act as a technical advisor for network infrastructure and security support for the Command, Control, Communication, Intelligence and Networks (C3I&N) Directorate at Hanscom AFB. This is a full-time position.ResponsibilitiesIdentify opportunities to improve enterprise-level systems to...
-
Application Security Engineer
3 weeks ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeApplication Security EngineerThe Opportunity:As a cyber professional, you know that understanding adversary tactics, techniques, and procedures is vital to producing the intel that enables the success of mission owners. At Booz Allen, you can apply your skills and broad knowledge to inform strategies and mitigate the most pressing vulnerabilities. Here, you...
-
DevSecOps Engineer
2 weeks ago
Hanscom Air Force Base, United States Booz Allen Hamilton Full timeDevSecOps EngineerThe Opportunity:DevSecOps engineering requires a specific mix of development, engineering, and communication skills. As a DevSecOps Engineer, you know that these skills create efficiency and effectiveness, so you can quickly deliver the best solutions for clients. We’re looking for a DevOps Engineer like you to help develop critical tools...
-
Cyber Security Engineer
1 month ago
Hanscom Air Force Base, United States Millennium Corporation Full timeMillennium Corporation is hiring a Cyber Security Engineer to work in Hanscom AFB, MA in a Hybrid Capacity. The candidate must have an active secret clearance. Duties include, but not limited to:Assist with development of System Security Management Plans, Program Protection Plans, Security Risk Analyses, and other system security engineering-related...
-
Software Engineer
1 month ago
Hanscom Air Force Base, United States Abacus Technology Corporation Full timeOverviewAbacus Technology is seeking a Software Engineer to support full life cycle software solutions for the Technical Advisory and Assistance Services (TAAS) program at Hanscom AFB. This is a full-time position.ResponsibilitiesDevelop software solutions by studying information needs, confer with users; study systems flow, data usage, and work processes,...
-
Cyber Security Engineer
2 weeks ago
Hanscom Air Force Base, United States ASTRION, INC. Full timeOverviewCyber Security Engineer Be the Difference Astrion offers comprehensive services that boost preparedness, optimize performance, and ensure success across various domains, from Cyber to Digital, Mission and Systems, servicing our nation's Civilian, Defense and Space communities. We support customers with Centers of Excellence in Washington DC,...
-
Systems Engineer IV
23 hours ago
Scott Air Force Base, IL, United States OBXtek Full timeResponsibilities The following information aims to provide potential candidates with a better understanding of the requirements for this role. OBXtek is recruiting for a Systems Engineer IV (Cloud-TCODE) to work on the PEO-T contract for USTRANSCOM. The tasks for this person will be, but not limited to, the following: Lead transitioning Mobility Air...
-
Security Engineer II
2 weeks ago
Scott Air Force Base, United States Paragon Technology Group Full timeThe Security Engineer II provides technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and security implementation. Responsible for designing and implementing solutions for protecting the confidentiality, integrity and availability of sensitive information. Provides technical evaluations of IT...
-
Cross Domain Solution Engineer
2 weeks ago
Hanscom Air Force Base, United States Booz Allen Full timeCross Domain Solution Engineer Is your CV ready If so, and you are confident this is the role for you, make sure to apply asap. The Opportunity: Everyone knows security needs to be “baked in” to a system architecture—you actually know how to bake it in. You can identify and implement ways to harden systems and reduce their attack surface. What if you...
-
Cyber Security Engineer
3 weeks ago
Offutt Air Force Base, United States Peraton Full timeCyber Security Engineer Job DescriptionWe are seeking a highly skilled Cyber Security Engineer to join our team at Peraton. As a Cyber Security Engineer, you will be responsible for providing direct cybersecurity support for our engineering efforts and assigned projects. Your primary focus will be on cyber security analysis of system vulnerabilities and...
-
Senior Network and Cybersecurity Architect
3 weeks ago
Hanscom Air Force Base, United States Abacus Technology Corporation Full timeJob SummaryAbacus Technology Corporation is seeking a highly skilled Sr. Network and Cyber Architect to provide technical expertise in network infrastructure and security support for the Command, Control, Communication, Intelligence and Networks (C3I&N) Directorate at Hanscom AFB.Key ResponsibilitiesIdentify opportunities to improve enterprise-level systems...
-
Cloud Architect Position
3 weeks ago
Hanscom Air Force Base, MA, United States ASTRION, INC. Full timeJob SummaryAstrion, Inc. is seeking a Senior Cloud Architect to support the USAF Cloud One (C1) program. This position is part of the C3I and Infrastructure Division (AFLCMC/HNI) located at Hanscom AFB, MA. The Cloud One program is the Air Force's evolution to standardized platforms and application support services, providing secure cloud environments,...
-
Information Systems Security Officer
3 weeks ago
Hanscom Air Force Base, United States General Dynamics Information Technology Full timeType of Requisition:RegularClearance Level Must Currently Possess:Top Secret/SCIClearance Level Must Be Able to Obtain:Top Secret SCI + PolygraphSuitability:Public Trust/Other Required:NoneJob Family:Information SecurityJob Qualifications:Skills:Information Security, Information Security Management, Information System SecurityCertifications:Cisco Certified...
