Arctiq

IAM Architect – Contract

Lead IAM Architect managing enterprise identity and access management program across multi-cloud environments for tech services company. Collaborate across AWS, Azure, and GCP with focus on security and governance.

Posted 6/11/2026 • Contract • Remote • Pennsylvania • 🇺🇸 United States • Senior • Lead

Tech Stack

Tools & technologies
AWS, Azure, Cloud, Go, Google Cloud Platform, Microservices, Python, SDLC, Terraform, Vault

About the role

Key responsibilities & impact
  • Enterprise IAM Architecture & Multi-Cloud Governance
  • Design and enforce IAM least-privilege models across AWS Organizations, Landing Zones, and Service Control Policies (SCPs).
  • Lead zero trust initiatives end-to-end: verify-explicitly policies, Just-in-Time (JIT) / Just-Enough-Access (JEA) provisioning, CIEM integration, and identity platform governance.
  • Define and maintain approved access patterns for services and users, aligned to predefined roles (Reader, Contributor, Administrator) and documented as policy-as-code.
  • Implement and govern OAuth/OIDC flows, service mesh identity controls, and federated identity across cloud and on-prem environments.
  • Maintain a comprehensive inventory of all approved AWS and Azure services, cataloging IAM resources and differentiating between control plane (roles, policies) and data plane (user/key/role/policy/group) resources.
  • Manage credentials for local data plane resources in vaults; ensure resource policies are applied consistently across services.
  • Utilize Wiz (CSPM) for cloud asset inventory, compliance reporting, evidence collection, and correlation to AWS/Azure/GCP documentation.
  • Identify and govern external dependencies including secrets, keys, and cross-account policies.
  • Develop a comprehensive metadata tagging strategy mapped to application service lines (ASL), environments, and repository associations.
  • Design and build reusable IAM modules for each service access pattern, published to the service registry with consistent enforcement of naming conventions, metadata, and parameters.
  • Embed IAM guardrails and policy-as-code controls natively into IaC templates (Terraform, CloudFormation) and CI/CD pipelines for secure-by-default provisioning.
  • Develop methodologies and criteria for pre-approved service registry modules deployable via pipelines vs. those requiring manual review.
  • Define and enforce controls pertinent to IAM and cloud security standards across all services; implement a shift-left strategy to proactively address IAM cloud operations.
  • Guide and contribute to secure microservices development in Python and Go on AWS, Azure, and GCP, including async and event-driven architectures.
  • Establish methods to correlate modules with service resource policies and user roles/policies.
  • Document IAM configurations for pipelines, repositories, and all cloud services; develop and maintain IAM SDLC documentation.
  • Develop a comprehensive IAM Cloud program strategy, defining its functions, roadmap, and maturity model.

Requirements

What you’ll need
  • 10+ years of experience in IAM, cloud security, or identity engineering roles with demonstrated progression.
  • Proficiency with CSPM tooling, specifically Wiz, for inventory, reporting, and compliance evidence collection.
  • Deep expertise in AWS multi-account governance: Organizations, Landing Zones, SCPs, and IAM least-privilege design patterns.
  • Proven experience leading zero trust initiatives including JIT/JEA provisioning, CIEM platforms, OAuth/OIDC, and service mesh identity.
  • Hands-on experience with policy-as-code tooling and embedding IAM guardrails into IaC (Terraform / CloudFormation) and CI/CD pipelines.
  • Experience securing microservices architectures (Python, Go) in async and event-driven environments across AWS, Azure, and GCP.
  • Strong command of network and data security controls: segmentation, KMS/encryption, cloud-native logging, and detection.
  • Proficiency in metadata tagging strategies, service access pattern development, and credential vault management.
  • Strong documentation, process development, and communication skills with the ability to influence cross-functional teams.

Benefits

Comp & perks
  • Equal opportunity employer
  • Accommodations or adjustments throughout the interview process
