[Remote] Cloud Architect - Identity and Access Management

Note: The job is a remote job and is open to candidates in USA. Nortal is a global technology consulting company driving digital transformation in various sectors, including government and healthcare. They are seeking a hands-on Cloud Architect with expertise in Identity and Access Management to design and guide IAM modernization across AWS, Azure, and GCP while working directly with clients and engineering teams.

Responsibilities

• Assess IAM environments across AWS IAM, Azure Entra ID, and GCP IAM by reviewing roles, permissions, service accounts, access patterns, and cloud audit logs such as CloudTrail, CloudWatch, Azure Monitor, and GCP Logging.
• Identify gaps, risks, overly permissive access, and opportunities to modernize identity structures.
• Develop clear IAM architectures defining IAM Identity Center, SSO alignment, RBAC and ABAC models, PIM and JIT workflows, Conditional Access, SCP governance, and identity lifecycle improvements.
• Translate complex identity findings into practical designs that engineering teams can adopt.
• Lead PoCs and pilot environments for modern VM access using AWS SSM Session Manager, Azure Bastion with Just In Time access, and GCP OS Login.
• Stay actively involved in validation and guide engineering teams as access models are implemented.
• Help teams transition away from legacy SSH and RDP workflows to more secure and auditable methods.
• Strengthen multi-cloud logging visibility by helping shape ingestion approaches using Vector, Splunk HEC, OpenSearch, VPC Flow Logs, database logs, and cloud-native logging across AWS, Azure, and GCP.
• Ensure IAM, access activity, and audit trails are captured consistently during pilots and modernization.
• Partner with engineering teams during early rollout phases to verify design intent and assist in resolving issues surfaced during PoCs, pilots, and migrations.
• Provide technical guidance to ensure IAM, access, and logging workflows operate as expected.
• Produce high-quality documentation such as architecture diagrams, runbooks, migration plans, deployment guidance, troubleshooting notes, and logging schema references.
• Ensure operational and engineering teams have clear, complete, actionable materials.
• Serve as a trusted advisor by explaining trade-offs, guiding IAM decisions, and aligning technical and business teams.
• Communicate solutions in a clear, approachable way for both technical and non-technical audiences.

Skills

• Bachelor’s degree in Computer Science, Information Systems, Engineering, or a related technical field.
• 8 to 12 of experience in cloud security, IAM, or cloud engineering, with at least 3 to 5 specifically in cloud IAM architecture.
• Experience with at least two major clouds from AWS, Azure, and GCP, with hands-on work in IAM services, identity workflows, and access models for those environments.
• Hands-on experience with tools such as AWS IAM and IAM Identity Center, Azure Entra ID, PIM, Conditional Access, or GCP IAM and OS Login.
• Experience using at least one logging or ingestion technology such as Vector, Splunk HEC, or OpenSearch to support audit trails, access visibility, or multi-cloud logging validation.
• Strong familiarity with at least one cloud-native logging service such as CloudTrail, CloudWatch, Azure Monitor, or GCP Logging.
• Experience running PoCs and pilots for IAM or access solutions, guiding engineering teams, and supporting troubleshooting during design validation.
• Ability to create clear diagrams, documentation, and stakeholder-friendly explanations of IAM architecture.
• Consulting or client-facing experience with the ability to articulate trade-offs and provide guidance to both technical and non-technical teams.
• Experience with Terraform or Terraform Enterprise.
• Exposure to CIEM, IGA, or CNAPP tools such as Wiz.
• Familiarity with Zero Trust frameworks.
• Background with SSO federation, SCIM, or identity brokering.
• Awareness of DevOps or GitOps practices related to IAM.

Benefits

• Flexible package for health insurance and sports initiatives
• Flexible working hours
• Work From Anywhere program
• Nortal Nomad program

Company Overview

• Nortal is a professional services company, specializing in strategy and technology consulting and information technology services. It was founded in 2000, and is headquartered in Tallinn, Harjumaa, EST, with a workforce of 1001-5000 employees. Its website is http://www.nortal.com.

Company H1B Sponsorship

• Nortal has a track record of offering H1B sponsorships, with 2 in 2020. Please note that this does not guarantee sponsorship for this specific role.

Apply tot his job Apply To this Job