Identity and Access Management Cloud Engineer

Job summary

Viasat is seeking an IAM Cloud Engineer to design, build, and operate identity capabilities for their cloud infrastructure across AWS, Azure, and GCP. This role involves implementing identity controls, aligning enterprise IAM with cloud-native systems, and developing automation for cloud identity lifecycle management. The engineer will strengthen Viasat’s cloud security posture and ensure reliable identity services for critical systems.

Benefits

Qualifications

• 4+ years of experience in cloud engineering or security engineering
• Hands-on experience with cloud IAM (AWS IAM, Azure RBAC, GCP IAM)
• Strong understanding of cloud infrastructure concepts and how identity controls access to resources
• Experience designing and managing roles, policies, and permission models in cloud environments
• Experience with identity federation and authentication protocols (SAML, OAuth, OIDC)
• Experience with scripting or automation (Python, PowerShell, Terraform, or similar)
• Understanding of least privilege, RBAC/ABAC, and identity lifecycle concepts
• Ability to troubleshoot complex access and authentication issues in distributed environments
• US Citizenship required
• Ability to obtain a United States Secret Clearance

Responsibilities

• Design, build, and operate identity capabilities to secure Viasat’s cloud infrastructure
• Ensure consistent, scalable access control across AWS, Azure, GCP, and enterprise systems
• Align identity with cloud architecture to enable secure infrastructure access
• Support business and engineering teams with identity solutions
• Partner with cloud, security, and platform teams to implement identity controls
• Protect cloud resources, reduce risk, and enable scalable, automated access
• Strengthen Viasat’s cloud security posture
• Ensure identity services operate as reliable infrastructure supporting critical systems
• Design and manage cloud identity and access models across AWS, Azure, and/or GCP
• Implement and maintain identity controls for cloud infrastructure, including least-privilege access and role design
• Align enterprise IAM (e.g., Entra ID, Okta) with cloud-native identity systems
• Develop and maintain automation for cloud identity lifecycle
• Manage and secure non-human identities, including service accounts, workload identities, and access tokens
• Partner with cloud infrastructure teams to embed identity into platform design and provisioning workflows
• Monitor and solve identity-related issues impacting cloud platforms and infrastructure access
• Contribute to implementation of Zero Trust, conditional access, and identity-based security controls in cloud environments
• Identify and remediate overprivileged access and misconfigurations across cloud environments
• Collaborate with IAM Administrators to transition repeatable tasks into automated, cloud-native workflows

Skills

Security clearance

Relocation