Identity and Access Management Cloud Engineer
About The Position
We have a great opportunity for an IAM Cloud Engineer to join our Government team! You will design, build, and operate identity capabilities that secure Viasat’s cloud infrastructure, ensuring consistent, scalable access control across AWS, Azure, GCP, and enterprise systems. As an IAM Cloud Engineer, you will play a critical role in aligning identity with cloud architecture, enabling secure access to infrastructure while supporting business and engineering teams. In this role, you will partner with cloud, security, and platform teams to implement identity controls that protect cloud resources, reduce risk, and enable scalable, automated access! Your work will directly strengthen Viasat’s cloud security posture and ensure identity services operate as reliable infrastructure supporting critical systems.
Requirements
- 4+ years of experience in cloud engineering, or security engineering
- Hands-on experience with cloud IAM (AWS IAM, Azure RBAC, GCP IAM)
- Strong understanding of cloud infrastructure concepts and how identity controls access to resources
- Experience designing and managing roles, policies, and permission models in cloud environments
- Experience with identity federation and authentication protocols (SAML, OAuth, OIDC)
- Experience with scripting or automation (Python, PowerShell, Terraform, or similar)
- Understanding of least privilege, RBAC/ABAC, and identity lifecycle concepts
- Ability to troubleshoot complex access and authentication issues in distributed environments
- US Citizenship required.
- Must be able to obtain a United States Secret Clearance
Nice To Haves
- Experience integrating enterprise IAM platforms (Entra ID, Okta) with cloud environments
- Familiarity with Infrastructure as Code (Terraform, CloudFormation, Bicep) and identity-driven provisioning
- Experience managing non-human identities (service accounts, workload identity, secrets management)
- Exposure to cloud security practices (CSPM, CIEM, identity threat detection)
- Experience implementing Zero Trust or conditional access strategies in cloud-first environments
- Familiarity with logging, monitoring, and observability tools for identity activity
- Experience supporting compliance and audit requirements in cloud environments (SOX, SOC2, ISO)
- Strong collaboration skills with cloud engineering, security, and platform teams
Responsibilities
- Design and manage cloud identity and access models across AWS, Azure, and/or GCP (roles, policies, RBAC)
- Implement and maintain identity controls for cloud infrastructure, including least‑privilege access and role design
- Align enterprise IAM (e.g., Entra ID, Okta) with cloud-native identity systems
- Develop and maintain automation for cloud identity lifecycle (e.g., role provisioning, service identities, entitlement management)
- Manage and secure non-human identities, including service accounts, workload identities, and access tokens
- Partner with cloud infrastructure teams to embed identity into platform design and provisioning workflows
- Monitor and solve identity-related issues impacting cloud platforms and infrastructure access
- Contribute to implementation of Zero Trust, conditional access, and identity-based security controls in cloud environments
- Identify and remediate overprivileged access and misconfigurations across cloud environments
- Collaborate with IAM Administrators to transition repeatable tasks into automated, cloud-native workflows
Benefits
- range of medical, financial, and/or other benefits
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
