Jobs at The Collective Group, LLC

AWS Security Engineer

Remote, US
Job Title: AWS Certified Engineer (Identity and Access Management Specialist)
Location: Remote
Employment Type: 3-Month Contract (W2 or 1099)
The Collective Group is seeking an AWS Certified Engineer with a deep understanding of AWS Identity and Access Management (IAM) to secure and optimize our enterprise AWS footprint.
Job Summary:
The AWS Certified Engineer (IAM Specialist) will be responsible for designing, implementing, and maintaining a secure identity and access management framework across our AWS environments. This role requires in-depth knowledge of AWS IAM best practices, governance, and security controls to ensure a robust and scalable cloud infrastructure.


Key Responsibilities
Identity and Access Management:
  • Design and implement enterprise-grade IAM strategies, policies, and roles to secure AWS accounts and services.
  • Define and maintain permission boundaries, service control policies (SCPs), and least-privilege access models.

Governance and Security:
  • Develop and enforce IAM governance frameworks and security best practices.
  • Conduct regular access audits and ensure compliance with industry standards and internal security policies.
  • Implement and maintain multi-account IAM structures with AWS Organizations.

Operational Management:
  • Monitor and troubleshoot IAM-related incidents and access anomalies.
  • Automate IAM tasks using tools like AWS CLI, AWS SDK, or Infrastructure as Code (IaC) solutions such as Terraform or AWS CloudFormation.

Collaboration and Stakeholder Engagement:
  • Work closely with development, security, and infrastructure teams to align IAM strategies with enterprise objectives.
  • Educate internal teams on IAM best practices and emerging AWS security trends.

Qualifications
Certifications:
  • AWS Certified Security Specialty required.
  • AWS Certified Solutions Architect or equivalent AWS certifications preferred.

Technical Skills:
  • Expertise in AWS IAM, including policy creation, role management, and federation with identity providers.
  • Familiarity with identity federation technologies (e.g., SAML, OIDC, and AWS SSO).
  • Proficiency in Infrastructure as Code (IaC) tools such as Terraform, AWS CloudFormation, or AWS CDK.
  • Experience with AWS Organizations, Control Tower, and security tools like AWS IAM Access Analyzer.
  • Strong understanding of security best practices and compliance frameworks (e.g., NIST, SOC2, PCI-DSS).

Soft Skills:
  • Excellent problem-solving and analytical skills.
  • Strong communication and documentation skills.
  • Ability to work independently and collaboratively in a dynamic environment.

Preferred Qualifications:
  • Experience with third-party identity providers such as Okta, Azure AD, or Ping Identity.
  • Familiarity with DevSecOps pipelines and security automation.
  • Hands-on experience with AWS Config, AWS CloudTrail, and AWS Security Hub.
