GCP IAM Engineer (INTL Remote)

A large healthcare company is seeking an experienced GCP IAM Engineer to join its enterprise security team. The client is over $370Bn in revenue and operates over 9,000 locations. They are dedicated to putting people first from their customers to their employees, engaging with customer feedback to further innovate to provide the best care possible, simplifying processes for care, creating a trusting environment, and to creating the safest and highest quality of care to keep patients protected. The client is dedicated to giving back to those around them. They have stared a Foundation to provide financial support to the communities to help with areas such as maternal health, mental health, scholarships, free health services/screenings, etc.

The GCP Cloud IAM Engineer will be joining a team of 4 and will design, develop, automate and test Identity and access management procedures used to provision role-based access in the Google Cloud Platform. The successful candidate will work within the Enterprise Information Security Team, in partnership with the infrastructure technology and application development teams in a hands-on environment providing cloud access required to perform job functions. The successful candidate will have a strong combination of practical security, identity and access management, and Google public cloud design and automation skills.

This role will require the engineer to monitor the tickets coming in for issues and troubleshoot to find the root cause. For example, there is an app that is giving a permission error and we need the engineer to figure out where do we find what we need to troubleshoot and reverse engineer to find it and what tools to use. There will also be side projects that will come up. For example, they want to remove the viewer role but it is not as simple as you think since there are dependencies and other factors they must take into account so this engineer will be meeting with the business to really understand the needs and dependencies before moving forward. The engineer needs to have strong communication skills.

The Engineer should be have:
- Knowledge of cloud Google security fundamentals, current trends, and best practices.
- Working knowledge of GCP CLI, terraform and Python coding
- Experience in Google IAM federation, roles, policies, managing RBAC
- Experience with Service Account Impersonation & Workload Identity Federation for GCP
- Experience managing GCP Service accounts, access tokens and related security controls
- Ability to troubleshoot IAM issues, access levels across a GCP organization
- Experience managing GCP Service accounts, access tokens, and related security controls
- Ability to troubleshoot IAM issues, access levels across a GCP organization
- Experience with automation using GitHub/GitHub Actions
- Experience with the ServiceNow ticketing system



Compensation:
$15/hr to $20hr.
Exact compensation may vary based on several factors, including skills, experience, and education.
Employees in this role will enjoy a comprehensive benefits package starting on day one of employment, including options for medical, dental, and vision insurance. Eligibility to enroll in the 401(k) retirement plan begins after 90 days of employment. Additionally, employees in this role will have access to paid sick leave and other paid time off benefits as required under the applicable law of the worksite location.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

- 5-6+ years of prior experience in the related IT/Cloud field
- 3+ years of experience in Google Cloud Platform
- Subject matter expertise on Google cloud security and related API's
- Ability to troubleshoot IAM issues and access levels across a GCP organization
- Understanding of IAM hierarchy in GCP

- GCP Certification
- Experience in a large enterprise environment
- Terraform
- Working knowledge of GCP CLI and Python coding (from scratch and modification)
- Experience writing automation scripts with Python and Bash (terraform also preferred)
- Experience with Service Account Impersonation & Workload Identity Federation for GCP
- Experience reviewing and querying logs to find gaps and create a plan to remediate

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.