GovCloud IAM Operations Engineer

In order to comply with U.S. Government information security and federal contractor regulations, including Department of Defense Cloud Computing Security Requirements for Impact Level 6 Cloud Service Provider personnel, and facilitate compliance with other regulations such as FedRAMP High baseline, and requirements of certain federal contracts, this role is open to United States citizens on United States Soil only.

As an Identity and Access Management (IAM) Operations Engineer, you will be a part of the Cloud Infrastructure Security Operations Team and handle incoming IAM requests from other teams at Databricks. You will help create and implement least-privilege-based IAM solutions to meet other teams' project and access requirements. You will work with requesters to promote a good experience.

You will implement and create automated systems which reduce the operational load for incoming requests while retaining principles of least privilege and reducing the request and response time for necessary changes.  You will be a member of the CSO organization and report to the Sr. Manager for Security Cloud Infrastructure.

The impact you will have:

• Handle 90% of IAM requests within their defined service level agreements
• Create all policies with least privileges necessary to operate
• Maintain a positive NPS score
• Review and provide feedback on Cloud Infrastructure Security systems and designs for automating IAM changes in the first year
• Create automation for regularly requested operations

What we look for:

• 5+ years of experience in AWS IAM roles and permissions dealing with cross-account access and principles of least privilege across services
• Experience creating IAM roles, identities and service accounts
• Experience managing users and permission in AWS with external identity providers (e.g. Okta)
• Experience using code and automation tools (e.g. Python, Boto3) to simplify, automate and reduce change times
• Experience in a support or operations role
• Experience with user audit access
• Experience with NIST 800-53, FedRAMP, and related frameworks is preferred
• Experience with non-AWS clouds, such as GCP, Azure, etc. is valued
• Knowledge of security and governance (profiles, permission sets, data visibility, sharing settings etc)
• Domain experience in US government and industry security compliance frameworks (e.g. FedRAMP), and broader Assurance and/or Security
• Domain experience in security compliance and auditing (e.g. FedRAMP, PCI)

Benefits

• Comprehensive health coverage including medical, dental, and vision
• 401(k) Plan
• Equity awards
• Flexible time off
• Paid parental leave
• Family Planning
• Gym reimbursement
• Annual personal development fund
• Employee Assistance Program (EAP)