Senior Cloud IAM Engineer
Plano, United States
Toyota North America
Overview
Who we are
Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world’s most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We’re looking for talented team members who want to Dream. Do. Grow. with us.
An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company, delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experience in an innovative, collaborative environment.
To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time.
Who we’re looking for
Toyota Financial Services (TFS) is looking for a Senior Cloud IAM Engineer to design and build secure, scalable identity and access solutions that enable safe, compliant, and developer-friendly cloud environments. In this hands-on role, you’ll develop infrastructure-as-code (IaC), enforce identity governance, and implement automation that strengthens our AWS identity architecture.
You’ll work closely with security, engineering, and compliance teams to streamline IAM operations using tools like AWS IAM, Terraform, and GitHub Actions—helping to enforce least-privilege access, reduce manual overhead, and ensure alignment with cloud security best practices.
What you’ll be doing
Build and manage AWS IAM infrastructure, including roles, policies, permission boundaries, SSO, and organizational units.
Automate IAM provisioning using infrastructure-as-code tools such as Terraform or AWS CDK.
Implement scalable identity governance practices (RBAC/ABAC), enforcing least-privilege access and policy controls across environments.
Integrate identity validations and security guardrails into CI/CD pipelines (e.g., GitHub Actions, Harness).
Monitor and respond to identity-related activity using tools like AWS CloudTrail, Config, and GuardDuty.
Support compliance efforts by aligning IAM policies with internal standards and external frameworks such as NIST and SOC 2.
Partner with security, DevOps, and application teams to ensure IAM solutions meet evolving business and technical needs.
Document identity architecture and contribute to internal knowledge sharing and code reviews.
What you bring
5+ years of experience in cloud engineering, DevOps, or IAM-focused roles.
Strong hands-on experience with AWS IAM, Organizations, SSO, and federation.
Proficiency in infrastructure as code using tools like Terraform or AWS CDK.
Familiarity with scripting or automation using Python, Bash, or PowerShell.
Deep understanding of IAM governance principles, including least-privilege access and access review automation.
Added bonus if you have
Experience embedding IAM controls into CI/CD workflows (e.g., GitHub Actions, Harness).
Familiarity with cloud monitoring and security tools such as CloudTrail, AWS Config, GuardDuty, or Datadog.
Knowledge of permission boundaries and advanced IAM policy design.
AWS certifications such as Security Specialty or Solutions Architect.
What we’ll bring
During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities. A few highlights include:
A work environment built on teamwork, flexibility, and respect
Professional growth and development programs to help advance your career, as well as tuition reimbursement
Team Member Vehicle Purchase Discount
Toyota Team Member Lease Vehicle Program (if applicable)
Comprehensive health care and wellness plans for your entire family
Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
Paid holidays and paid time off
Referral services related to prenatal services, adoption, childcare, schools and more
Tax Advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA)
Relocation assistance (if applicable)
Belonging at Toyota
Our success begins and ends with our people. We embrace all perspectives and value unique human experiences. Respect for all is our North Star. Toyota is proud to have 10+ different Business Partnering Groups across 100 different North American chapter locations that support team members’ efforts to dream, do and grow without questioning that they belong.
Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.
Have a question, need assistance with your application or do you require any special accommodations? Please send an email to talent.acquisition@toyota.com.
Tags: Automation AWS Bash CI/CD Cloud Compliance DevOps Finance GitHub Governance IAM Monitoring NIST PowerShell Python Scripting SOC SOC 2 SSO Terraform
Perks/benefits: 401(k) matching Career development Health care Insurance Relocation support Salary bonus Startup environment Wellness