About SEPIA Innovations Inc.:

SEPIA Innovations Inc., with headquarters in Tokyo, Japan, and San Francisco, USA, and a strategic office in Pune, India, stands at the forefront of technological excellence and innovation. We specialize in delivering transformative solutions in Cloud Engineering, AI, DevOps, and AWS, meticulously tailored to meet the unique needs of both dynamic MSMEs and prestigious Fortune 100 enterprises.

Location: Pune / Remote (Rotation shift)

Experience Required: 4+ years in Cloud IAM / AWS Cloud Security

Employment Type: Full-time

Job Description:

We are seeking a skilled Cloud IAM Engineer to join our team, focusing on the design, implementation, and governance of Identity and Access Management (IAM) systems in the cloud. This role will support secure access to resources across AWS, databases, servers, and enterprise tools while ensuring compliance with IAM best practices. The ideal candidate will also participate in a global cloud transformation program, contributing to scalable, automated security solutions.

Key Responsibilities:

• Review, analyze, and modify IAM policies, roles, and trust policies to ensure secure, least-privilege access on AWS accounts. Avoid granting excessive or destructive permissions.
• Grant and manage access to databases, servers, and tools such as Wynsure, CRM, Splunk, and CyberArk, ensuring proper authorization procedures.
• Provision AWS Console access using Active Directory (AD) groups.
• Create, update, and manage AD groups and group memberships based on access requirements.
• Review IAM-related Splunk alerts and take appropriate remediation actions or provide recommendations for resolution.
• Execute CloudFormation stacks to provision infrastructure as per defined requests and templates.
• Troubleshoot IAM-related issues, monitor system performance, and respond to incidents effectively.
• Collaborate with development and operations teams to integrate IAM controls into CI/CD pipelines.
• Support documentation efforts by creating and maintaining technical specs, architecture diagrams, and process documentation.
• Participate in the analysis, design, and migration of on-premise environments to AWS.
• Implement automated and reusable IAM service components that support enterprise-wide usage.
• Demonstrated expertise in AWS services with a strong focus on security-related tools such as AWS Secrets Manager and AWS Key Management Service (KMS), including the ability to securely store, manage, and rotate secrets, as well as encrypt and manage access to sensitive data using industry best practices.

Technical Skills & Tools:

• Deep understanding of AWS IAM, roles, policies, trust relationships, and permission boundaries
• Experience with Active Directory integration and managing access via AD groups
• Familiarity with Cloud Formation, Splunk, CyberArk, Wynsure, CRM tools, and ServiceNow
• Strong scripting skills in Python, Shell, or Java (Spring Boot)
• Experience with AWS services like CloudTrail, CloudWatch, WAF, and security automation
• DevOps and CI/CD practices, including integrating IAM into pipelines
• Security monitoring and alert management using SIEM tools such as Splunk

Preferred Qualification:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field
• 4+ years of experience in Cloud Security/IAM with enterprise-level implementations
• Solid knowledge of least privilege principle, secure access design, and policy remediation
• Strong analytical and problem-solving skills
• Excellent verbal and written communication
• Experience with client interaction is a plus
• Certifications like AWS Security Specialty or Certified Identity and Access Manager (CIAM) are desirable

Share your resume - [email protected]