Senior Cloud IAM Engineer (US Federal)
About The Position
Workday is a Fortune 500 company and a leading AI platform for managing people, money, and agents, committed to making hard work pay off for its people, customers, and the world. The company fosters a culture rooted in integrity, empathy, and shared enthusiasm, encouraging curious minds and courageous collaborators. Workday Government focuses on outcomes that serve a larger mission, supporting U.S. federal agencies in modernizing and transforming employee lifecycle experiences and finance operations. This involves bringing modern technology, responsible AI, and secure infrastructure to complex environments, including the US Government air-gapped classified cloud environment. This role specifically supports direct or indirect contracts with the U.S. Federal Government, requiring all personnel to be United States citizens. The position is for a cloud engineer specializing in managing entitlements and permissions across cloud services like AWS, Azure/EntraID, or GCP. The engineer will be responsible for automating identity administration, authentication, and authorization within the air-gapped network, working with infrastructure and compliance as code using CI/CD pipelines. Collaboration with other cloud engineering and Cybersecurity teams within Workday Government is essential to build out the new organization focused on the unique requirements of the DoD and Intel agencies.
Requirements
- United States citizen (naturalized or native)
- Ability to obtain and maintain a U.S. government issued security clearance
- 5+ years as a cloud engineer, focused on IAM
- Experience in centralizing authentication/authorization and RBAC/PBAC
- Managing infrastructure as code using tools like Github and Terraform
- Experience developing tools for automation in Python or other programming languages
- Experience integrating cloud platforms with external tools like Okta, EntraID or similar for centralized authentication and SSO
- Experience in utilizing one or more SEIM tools (Splunk or similar) for log aggregation and analysis, threat playbooks and auditing
- Familiarity with NIST 800-53 and DoD/Intel control frameworks
- Bachelor's degree or higher in computer science, cybersecurity, or comparable work/educational experience
- Familiarity with identity governance workflows, user lifecycle management (joiners, movers, leavers)
- Understand infrastructure and compliance as code, using CI/CD pipelines
- Familiarity with standard federation protocols used in IAM including OAUTH, OIDC, SAML and SCIM
Nice To Haves
- An active TS/SCI w/CI Poly security clearance
Responsibilities
- Manage entitlements and permissions in a cloud services environment (AWS, Azure/EntraID or GCP)
- Automate identity administration, authentication and authorization to resources in the air-gapped network
- Work with other teams in cloud engineering and the broader Cybersecurity organization in Workday Government to build the new organization focused on DoD and Intel agencies
Benefits
- Workday Bonus Plan or a role-specific commission/bonus
- Annual refresh stock grants
- Flexible schedule
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Number of Employees
5,001-10,000 employees
