Role: Senior IAM Operations Engineer (SRE & Cloud Security)
Location: Richmond, VA / McLean, VA / Plano, TX
Duration: ~12 months, with possible extension and/or conversion
Hybrid: 3 days on site per week
Key Responsibilities:
Infrastructure & Cloud Operations...
Hybrid Identity Management: Manage and optimize the core identity footprint
across enterprise Active Directory (AD/Azure AD) and AWS IAM (including AWS
Organizations, IAM Identity Center, Service Control Policies, and complex
cross-account roles).
Infrastructure as Code (IaC): Maintain and deploy IAM resources, policies, and
directory configurations using tools like Terraform or CloudFormation.
SRE Mindset: Ensure the uptime, performance, and scalability of Identity
systems. Proactively minimize operational "toil" through automation,
scripting, and self-service tooling.
CI/CD & Automation...
Pipeline Management: Design and support CI/CD pipelines (e.g., GitHub Actions,
GitLab CI, Jenkins) to securely automate policy testing, deployment, and
validation.
Automated Governance: Implement guardrails and automated compliance scanning
into the deployment pipelines to prevent privilege creep and misconfigurations
before they reach production.
Observability & Incident Response...
Deep Telemetry: Establish comprehensive monitoring, logging, and alerting for
all authentication and authorization paths using tools like Datadog, Splunk,
Prometheus, ELK, or AWS CloudWatch/CloudTrail.
Incident Handling & Post-Mortems: Act as a tier-3 escalation point for
complex identity and authentication issues. Lead blameless post-mortems to
identify root causes and build automated preventions for future outages.
Qualifications:
Strong Site Reliability Engineering (SRE) background to manage, scale, and
secure our enterprise identity infrastructure.
Ability to bridge the gap between traditional identity management (Active
Directory) and modern cloud architectures (AWS).
Ability to build and maintain CI/CD pipelines that automate infrastructure
changes instead of manually provisioning access, to leverage observability
frameworks to maintain platform health, and to treat identity infrastructure
as a highly available distributed system.