[Remote] Identity and Access Management Cloud Engineer
Note: The job is a remote job and is open to candidates in USA. Viasat is a company focused on delivering connections that change the world, and they are seeking an IAM Cloud Engineer to join their Government team. This role involves designing, building, and operating identity capabilities for Viasat's cloud infrastructure, ensuring secure access control across various cloud platforms.
Responsibilities
- Design and manage cloud identity and access models across AWS, Azure, and/or GCP (roles, policies, RBAC) Implement and maintain identity controls for cloud infrastructure, including least‑privilege access and role design
- Align enterprise IAM (e.g., Entra ID, Okta) with cloud-native identity systems
- Develop and maintain automation for cloud identity lifecycle (e.g., role provisioning, service identities, entitlement management)
- Manage and secure non-human identities, including service accounts, workload identities, and access tokens
- Partner with cloud infrastructure teams to embed identity into platform design and provisioning workflows
- Monitor and solve identity-related issues impacting cloud platforms and infrastructure access
- Contribute to implementation of Zero Trust, conditional access, and identity-based security controls in cloud environments
- Identify and remediate overprivileged access and misconfigurations across cloud environments
- Collaborate with IAM Administrators to transition repeatable tasks into automated, cloud-native workflows
Skills
- 4+ years of experience in cloud engineering, or security engineering
- Hands-on experience with cloud IAM (AWS IAM, Azure RBAC, GCP IAM)
- Strong understanding of cloud infrastructure concepts and how identity controls access to resources
- Experience designing and managing roles, policies, and permission models in cloud environments
- Experience with identity federation and authentication protocols (SAML, OAuth, OIDC)
- Experience with scripting or automation (Python, PowerShell, Terraform, or similar)
- Understanding of least privilege, RBAC/ABAC, and identity lifecycle concepts
- Ability to troubleshoot complex access and authentication issues in distributed environments
- US Citizenship required
- Must be able to obtain a United States Secret Clearance
- Experience integrating enterprise IAM platforms (Entra ID, Okta) with cloud environments
- Familiarity with Infrastructure as Code (Terraform, CloudFormation, Bicep) and identity-driven provisioning
- Experience managing non-human identities (service accounts, workload identity, secrets management)
- Exposure to cloud security practices (CSPM, CIEM, identity threat detection)
- Experience implementing Zero Trust or conditional access strategies in cloud-first environments
- Familiarity with logging, monitoring, and observability tools for identity activity
- Experience supporting compliance and audit requirements in cloud environments (SOX, SOC2, ISO)
- Strong collaboration skills with cloud engineering, security, and platform teams
Benefits
- Additional cash or stock incentives may be provided as part of the compensation package
- A range of medical, financial, and/or other benefits, dependent on the position offered
Company Overview