Looking for candidates with expertise in AWS, especially in IAM, with hands-on experience in Terraform and Python. 6 to 9 years of hands-on experience.
Experience using APIs in AWS.
Must have experience with PowerShell or Python programming.
Cloud Custodian knowledge would be useful.
Experience working in a CI/CD (Continuous Integration and Continuous Deployment) environment, along with test automation.
• Responsible for the execution of enterprise-wide identity and access management strategy, design and implementation of authentication, authorization, and administration capabilities of end-user and privileged accounts (admin, service etc.) in products, systems and infrastructure in the enterprise and cloud.
• Responsible for the automation and implementation (including writing code and scripts) of account provisioning, access review, sign-on, and multi-factor authentication capabilities with identity protocols (SAML 2.0, WS-Federation, OpenID Connect, OAuth, SCIM, API etc.) to support identity federation and robust access control models (RBAC, ABAC).
• Define, review and onboard groups/roles and access policies (least privilege, step-up MFA with conditions) across multiple platforms, including but not limited to AWS, Okta, Thycotic, Centrify, SailPoint, Active Directory, O365.
• Subject matter expert on security design and solution development in various security technologies (IAM, Encryption, PKI, Enterprise KMS/HSM, Certificate Manager, Web Application Firewall, Security Compliance tool etc.)
• Experience with AWS Cloud Security, Identity and Compliance services, the Red Hat Enterprise Linux operating system, AMI, and scripting, preferably with Bash, Python, CloudFormation scripts and RESTful APIs.
• Responsible for the integration of IAM platform with SIEM, CASB, EMM and other external systems.
• Support the access governance and periodic access review and recertification of privileged accounts (admin, service) in management portals, operating systems and databases in AWS, Azure and on-premises.
• Lead and/or participate in the evaluation and testing of new & emerging (disruptive) security technology (e.g. blockchain) both “on paper” and technical “proof of concept”.
• Perform security assessment, system documentation and other tasks as assigned.
Mode of work: Hybrid (3 days WFO)
Work hours: 9 AM to 6:30 PM.