Job Description

  • Contractor
  • Anywhere

Are you a professional with 6+ years of experience? We’re hiring for contract roles in Toronto, ON, Canada!

Role: IAM Cloud Engineer – Hybrid
Job Location: Toronto, ON
Contract

Responsibilities:
Design and implement IAM frameworks for Azure Entra ID and Google Identity, ensuring robust access controls for cloud and hybrid workloads.
Develop Workload Identity Federation (WIF) models to securely integrate AI/ML pipelines with cloud IAM policies.
Harden privileged access models (e.g., Azure PIM, CyberArk) to enforce Just-in-Time (JIT) access across cloud environments.
Implement multi-cloud IAM governance strategies to align identity policies between Azure and GCP.
Enhance OAuth 2.0, mTLS, and JWT-based authentication for securing API access and service mesh integrations.
Implement IAM-based secrets injection into AI/ML pipelines for Azure Machine Learning and Vertex AI workloads.
Secure LLM (Large Language Model) deployments by enforcing access controls on AI/ML datasets and inference endpoints.
Ensure IAM security for MLOps workflows, securing AI models, training data, and API keys.
Support SIEM integration for identity-related event monitoring and Dynatrace.
Implement role-based access control (RBAC) and attribute-based access control (ABAC) policies for cloud workloads.
Enforce IAM policies for AI/ML workloads, ensuring compliance with SOC 2, NIST, and ISO 27001 standards.
Collaborate with domain architects and LOB stakeholders to streamline IAM onboarding for developers and data scientists.
Required Technical Skills:
Strong expertise in Azure Entra ID (formerly Azure AD) & Google Identity.
Experience implementing Workload Identity Federation (WIF) in GCP and Azure Managed Identities.
Hands-on experience with OAuth 2.0, mTLS, JWT, and API gateway IAM policies (Apigee, Azure API Management).
Strong understanding of privileged access security (PAM), JIT access, and admin role governance.
Experience with HashiCorp Vault for managing cloud secrets and workload identity.
Knowledge of IAM security best practices for securing Azure ML, Vertex AI, and AI/ML model access.
Ability to design secure secrets retrieval models for CI/CD pipelines, Ansible playbooks, and VMs.
Proficiency in Terraform, Ansible, and GitHub Actions for IAM policy automation.
Strong knowledge of CI/CD security for IAM, including GitHub OIDC and workload identity enforcement.
Familiarity with GCP IAM policy bindings, Terraform IAM modules, and Azure RBAC automation.
Hands-on experience integrating IAM logs with SIEM solutions (Splunk, Sentinel, Dynatrace) for real-time monitoring.
Experienced with IAM threat modeling, anomaly detection, and access risk mitigation strategies.

📧 Send your resume to: aayush.t@jconnectinc.com