Cloud Services Architect

Insight Global is looking for a Cloud Services Architect for a 2 month contract. This is a remote opportunity. A successful candidate will create IAM users, groups and roles including creating and managing users, organize them into groups and assign roles for human and programmatic access. Will write and troubleshoot inline and managed IAM policies for users, groups and roles. Set maximum permissions for users and roles, apply policies directly to AWS resources like S3 and Lambda and design scalable access controls that minimize risk.

We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form. The EEOC "Know Your Rights" Poster is available here.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

- Understand complex JSON-based IAM policies, including conditions, resource-level permissions, and the use of wildcards or variables for dynamic access control.
- Understanding of how AWS evaluates allow and deny statements, explicit and implicit denies and policy conflicts
- Experience debugging policies using AWS Policy Simulator and CloudTrail logs to resolve access denied errors
- Experience utilizing service control policies (SCPs) in AWS organizations
- Experience utilizing AWS organizations, SCPs, and AWS Control Tower for centralizing IAM
- Experience automating IAM resource creation and policy management using AWS CloudFormation, Terraform or AWS CDK
- Experience designing reusable templates and modules for IAM roles, policies and permission sets.
- Experience utilizing AWS CLI, SDKs (like Boto3 for Python), and automation tools for managing IAM at scale
- Experience building automated workflows (provisioning, de-provisioning and rotating credentials)
- Ability to set up and analyze AWS CloudTrail logs for IAM activity monitoring and forensic investigations
- Experience configuring AWS config rules to monitor compliance and detect configuration drifts
- Ability to communicate IAM concepts to both technical and non-technical folks
- Proven ability documenting policies, processes and incident response plans

- Certifications including AWS Certified Security, AWS certified solutions architect
- Azure IAM skills

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.