Hi,

We are seeking a seasoned IAM & Cloud Security Engineer to drive the secure
migration of identity, access, and security workloads from AWS to Azure and
GCP, while establishing Policy-as-Code (PaC) and IAM Infrastructure-as-Code
(IaC) automation frameworks.

This role combines deep technical expertise in cloud IAM, policy
governance, CI/CD automation, and infrastructure security. You will define,
implement, and operationalize a unified security automation pipeline across
Azure and GCP environments for Smart TV and Mobile Cloud infrastructure
workloads.

You will collaborate closely with DevOps, Cloud Platform, and Security
Architecture teams to ensure secure-by-design implementations and
compliance alignment across all environments.

*Services Location*: TX/Dallas- must be local to Dallas - onsite 5 days a
week

*Max Rate*: $55

*Key Responsibilities:*

   - Identity and Access Management (IAM) Migration
   - Lead IAM migration from AWS IAM policies, roles, and groups to Azure
   Active Directory, Azure RBAC, and GCP IAM roles and bindings.
   - Develop Terraform IaC modules to automate IAM resource creation across
   Azure and GCP environments.
   - Ensure the least privilege and separation of duties principles are
   enforced in all IAM configurations.
   - Integrate cloud identity providers (Azure AD, Cloud Identity) with
   corporate SSO (SAML/OIDC).
   - Establish service identities, workload identities, and managed
   identities for CI/CD and application workloads.
   - Policy-as-Code (PaC) Governance
   - Define and implement Policy-as-Code frameworks to enforce cloud
   governance and compliance baselines in Azure and GCP.
   - Develop and maintain PaC pipelines using Terraform Sentinel, OPA (Open
   Policy Agent), or Azure Policy.
   - Establish CI/CD pipelines for Policy-as-Code validation, testing, and
   deployment.
   - Provide guidance and best practices for developing reusable and
   scalable PaC modules.
   - Implement policy version control, exception management, and automated
   compliance enforcement.
   - Collaborate with security architects to define policy coverage
   requirements (IAM, networking, encryption, storage, and tagging).
   - CI/CD and Automation for Security & IAM
   - Design and establish CI/CD pipelines for IAM IaC and Policy-as-Code
   deployments across Azure DevOps, GitHub Actions, and Google Cloud Build.
   - Automate security control deployments using Terraform, including IAM
   roles, key management, and network policies.
   - Integrate policy compliance checks into the CI/CD flow for both
   infrastructure and application security pipelines.
   - Build reusable Terraform pipelines to enforce consistent security
   posture across environments.
   - Establish pipeline security gates (pre-deployment and post-deployment)
   for IAM and PaC changes.
   - Security Workload Migration (AWS → Azure & GCP)
   - Migrate security workloads such as WAF configurations, key management
   (KMS), and security analytics from AWS to Azure and GCP.
   - Develop IaC for host infrastructure and application security controls
   in target clouds.
   - Map AWS security services (IAM, KMS, WAF, GuardDuty) to Azure Security
   Center, Defender for Cloud, and GCP Security Command Center equivalents.
   - Recreate AWS Config Rules and SCPs as Azure Policies and GCP
   Organization Policies.
   - Ensure encryption, secrets management, and logging solutions are
   replicated or enhanced in target platforms.
   - Participate in testing, validation, and audit readiness for migrated
   security components.
   - Security Monitoring, Compliance & DR Integration
   - Integrate monitoring and alerting with Azure Monitor, GCP Operations
   Suite, and SIEM tools.
   - Enable IAM and security event logging via Azure Activity Logs, GCP
   Audit Logs, and Cloud Logging.
   - Contribute to Disaster Recovery (DR) security alignment—ensuring IAM,
   policy, and encryption configurations are recoverable and consistent across
   regions.
   - Maintain auditability and compliance mapping (ISO 27001, NIST, SOC 2)

*Deliverables*:
-Process Flows

-Mentor and Knowledge transfer to client project team members

-Participate as primary, co and/or contributing author on any and all
project deliverables associated with their assigned areas of responsibility

-Participate in data conversion and data maintenance

-Provide best practice and industry specific solutions

-Advise on and provide alternative (out of the box) solutions

-Provide thought leadership as well as hands on technical
configuration/development as needed.

-Participate as a team member of the functional team

-Perform other duties as assigned.

*Acceptance Criteria*:
Preferred Skills:

Experience with Azure Blueprints, GCP Forseti Config Validator, or OPA
Conftest.

Familiarity with cross-cloud SSO and federated identity models.

Strong scripting background (Python, PowerShell, or Bash).

Prior experience migrating workloads from AWS → Azure and AWS → GCP.

*Certifications:*

Google Professional Cloud Security Engineer

Microsoft Certified: Azure Security Engineer Associate

AWS Certified Security – Specialty

HashiCorp Certified: Terraform Associate

*Soft Skills:*

Strategic thinker with a strong analytical and automation mindset.

Excellent communication across cloud platforms, DevOps, and compliance
teams.

Strong documentation discipline and adherence to governance frameworks.

Proven leadership in cross-functional cloud security initiatives

*Thanks,*
*Lyra Dass*

*Human Resources Manager*
*Digital Resource Partners LLC*
*+1(945)248-3020*
*https://drpscorp.com/*

-- 
You received this message because you are subscribed to "rtc-linux".
Membership options at http://groups.google.com/group/rtc-linux .
Please read http://groups.google.com/group/rtc-linux/web/checklist
before submitting a driver.