Sr. IAM Cloud Engineer
CornerStone Technology Talent Services
Software Engineering
Remote
Posted on Nov 26, 2025
Sr. IAM Cloud Engineer
Remote (Must reside in TX, AZ, KY, TN, GA, SC, NC, FL)| Contract | CornerStone Technology Talent Services
CornerStone Technology Talent Services (TTS) connects proven technologists with innovative teams solving today's most complex IT and security challenges. We are currently seeking a Senior IAM Cloud Engineer to lead cloud-based identity and access modernization efforts for a highly visible transformation initiative.
This opportunity places you at the center of enterprise cloud identity strategy, where you will architect and execute secure authentication and authorization frameworks across hybrid and multi-cloud platforms. This role is ideal for an engineer who thrives in fast-paced environments and is driven to evolve modern identity infrastructure at scale.
About the Role
As a Sr. IAM Cloud Engineer, you will design and implement secure identity systems that enforce strong authentication, support regulatory compliance, and enable seamless user access across internal and external systems. You will help drive key initiatives tied to conditional access, least privilege, CIEM, and zero trust principles across an evolving digital ecosystem. Working alongside the IAM architecture and engineering team, you will deliver scalable cloud IAM capabilities that directly support business enablement and cloud governance.
Key Responsibilities
- Design and manage enterprise IAM capabilities including SSO, MFA, and RBAC in Microsoft EntraID (Azure AD)
- Implement and fine-tune Conditional Access policies to support Zero Trust enforcement
- Lead IAM engineering tasks including provisioning, deprovisioning, entitlements, and access review automation
- Support cloud-based identity federation, hybrid identity integration, and secure access control patterns
- Identify and remediate IAM risks, audit gaps, and compliance issues through policy and process improvements
- Collaborate with infrastructure and DevSecOps teams to define identity requirements for new systems and cloud platforms
- Leverage scripting and automation (PowerShell, Python, Bash) to streamline IAM workflows and policy enforcement
- Evaluate and support CIEM capabilities and integrations
- Conduct IAM audits and access monitoring to ensure compliance with HIPAA, SOX, GDPR, and internal standards
- Maintain project documentation and contribute to cloud IAM architecture best practices
Required Qualifications
- 8 10 years of hands-on experience in IAM engineering with direct cloud identity and access responsibilities
- Expert-level knowledge of Microsoft EntraID (Azure AD), including Conditional Access, MFA, and identity federation
- Strong understanding of SAML, OAuth2, LDAP, and modern authentication protocols
- Experience designing and managing RBAC, access reviews, entitlement models, and policy-based access controls
- Practical knowledge of cloud security and compliance within highly regulated industries
- Proficient in scripting for IAM automation (PowerShell, Python, or Bash)
- Excellent collaboration and communication skills;ability to work across teams and communicate IAM concepts to non-technical stakeholders
Preferred Certifications
- Microsoft Certified: Identity and Access Administrator Associate
- Certified Identity and Access Manager (CIAM)
- CISSP or other relevant IAM/cloud security certifications
Contract Details
- Fully remote (U.S.-based)
- Long-term contract with expected extension
- Monday to Friday, full-time standard business hours