Senior DevSecops & IAM Engineer

Hello There,

Wish you a Happy Tuesday,

My name is Yashmita, and I am a Technical Recruiter at Kanak IT Services LLC. I am reaching out to you regarding the following job opportunity. If you are interested, kindly reply to this email yashmita@kanakits.com with your updated resume.

POSITION : SENIOR CLOUD SECURITY & IAM ENGINEER

LOCATION : LINTHICUM, MD - HYBRID ROLE (LOCAL TO MD, VA OR DC)

IN THE PROCESS OF SUBMISSION MAKE SURE THE CANDIDATE MUST SHARE HIS EDUCATION AND CERTIFICATION COPIES .

PLEASE LOOK FOR CANDIDATES LOCAL TO DMV AREA ONLY. NO RELOCATION / NO REMOTE.

THE CANDIDATES SHOULD HAVE CURRENT / PREVIOUS EXPERIENCE WITH STATE / LOCAL GOVT CLIENTS.

Key Responsibilities

• Design, implement, and maintain secure cloud solutions across AWS and Azure environments.
• Conduct cloud security assessments, configuration reviews, and risk analyses for hybrid and multi-cloud systems.
• Implement and manage IAM, IGA, and PAM solutions using SailPoint, Saviynt, Okta, and CyberArk, ensuring strong access governance and compliance.
• Integrate DevSecOps security tools into CI / CD pipelines using GitHub Actions, Jenkins, and Terraform, enhancing automation and security posture.
• Perform third-party and vendor security assessments, evaluating controls and compliance with security frameworks.
• Deploy and manage CNAPP and CSPM tools such as Wiz, Prisma Cloud, Ermetic, and CrowdStrike for continuous security posture monitoring.
• Implement RBAC, MFA, and Zero Trust principles to strengthen identity and access control mechanisms.
• Conduct vulnerability assessments and remediation using tools like Nessus, Tenable, Qualys, and Trivy.
• Ensure compliance with industry frameworks and regulations (ISO 27001, NIST 800-53, PCI DSS, HIPAA, FedRAMP, CJIS).
• Collaborate with application and infrastructure teams to embed security best practices throughout the software development lifecycle.
• Configure network segmentation, security groups, and endpoint protection to safeguard workloads and data.
• Integrate monitoring and alerting tools such as AWS WAF, GuardDuty, Security Hub, CloudTrail, and New Relic for threat detection and incident response.
• Participate in security incident management, conducting investigations, root cause analysis, and remediation.
• Stay current with emerging threats, technologies, and security trends to proactively strengthen the organization's cloud defense posture.

Required Skills & Qualifications

Technical Expertise :