IAM Engineer

Role: Google Cloud Platform IAM Engineer
Location : Plano, TX
Type: Only on our W2 Role Description

Seeking an experienced IAM (Identity and Access Management) Specialist/Engineer to support the implementation of Google Cloud Platform Atlas 2.0 Control Plane and Vertex AI enablement for a large-scale financial services client. This role will be critical in establishing secure, governed access to Google Gemini AI model endpoints while maintaining strict compliance with enterprise security standards.

Google Cloud Platform IAM Expertise

• Deep experience with Google Cloud IAM
• Google Cloud Platform Vertex AI IAM
• Resource hierarchy
• Infrastructure as Code Terraform - Advanced proficiency: Google Cloud Platform provider expertise (google, google-beta)
• IAM module development
• State management and remote backends
• Workspace and environment management
• Python - Strong scripting skills for automation: Google Cloud Client Libraries
• IAM policy manipulation and validation
• API integration and orchestration

Security & Compliance

• Strong understanding of zero-trust architecture principles
• Experience with data classification and sensitivity-based access controls
• Knowledge of financial services compliance requirements (ideally experience with JPMC or similar enterprises)
• Familiarity with SOC 2, ISO 27001, PCI-DSS or similar frameworks
• Understanding of encryption, key management (Cloud KMS), and secrets management (Secret Manager)

Networking & Security Controls

• Understanding of VPC networking and its intersection with IAM (private Google access, shared VPC)
• Experience with VPC Service Controls and security perimeters
• Knowledge of firewall rules, Cloud Armor, and Cloud Load Balancing as they relate to access control
• Familiarity with PrivateLink/Private Service Connect patterns

Supporting Technical Skills

• Git/version control - experience with GitLab, GitHub, or Bitbucket
• CI/CD pipelines - Jenkins, GitLab CI, Cloud Build, or similar
• API security - OAuth 2.0, OIDC, API keys, and token management
• Logging and monitoring - Cloud Logging, Cloud Monitoring, integration with SIEM tools
• Container security - GKE workload identity, service mesh authentication (Istio/Anthos Service Mesh)

For applications and inquiries, contact: hirings@openkyber.com