IAM & Cloud Security Engineer

Location:

4th Floor, Tower 110, The Spire, Plot No. 4, Survey No. 83/1, Hyderabad Knowledge City Layout, Raidurgam (Panmaqtha) Village, Serilingampally Mandal, Hyderabad – 500032, Telangana

Key Responsibilities

Identity & Access Management (IAM):

- Design, implement, and manage IAM systems across Microsoft Entra ID (Azure AD), Active Directory, and AWS IAM.

- Enforce secure lifecycle management, RBAC/ABAC models, and Just-In-Time (JIT) access controls.

- Deploy and manage MFA, SSO, conditional access, and PAM across IT and manufacturing environments.

- Conduct entitlement reviews, automate provisioning/deprovisioning, and drive identity governance initiatives.

Cloud Security & Configuration Compliance (Azure & AWS):

- Implement secure configuration baselines using Azure Policy, AWS Config, Cloud Custodian, and other compliance-as-code tools.

- Continuously assess and remediate misconfigurations to ensure alignment with: NIST 800-53, CIS Benchmarks, ISO 27001/27002, GDPR, and CSL requirements.

- Monitor cloud environments using Azure Security Center, Defender for Cloud, AWS Security Hub, CloudTrail, and related services.

SSO, Authentication & Federation:

- Integrate enterprise applications and industrial platforms with Entra ID or AWS Cognito using SAML, OIDC, OAuth2.0, and WS-Federation.

- Manage B2B/B2C federation for suppliers, partners, and cross-region collaboration.

Compliance & Data Governance:

- Lead or support initiatives ensuring adherence to: NIST (800-53, CSF), ISO 27001/27002, GDPR, CSL.

- Prepare documentation, evidence, and remediation plans for internal audits and external assessments.

- Support global data protection strategies including access logging, consent tracking, and data retention policies.

Collaboration & Incident Response:

- Collaborate with IT, OT, DevOps, and business stakeholders to align cloud and identity architectures with enterprise risk posture.

- Serve as a subject matter expert in incidents involving IAM or cloud services.

- Partner with global teams to address compliance risks in manufacturing and data processing operations.

Role Purpose:

Position Overview

We are seeking a senior-level IAM and Cloud Cybersecurity Engineer to secure our enterprise and operational environments in the manufacturing sector, including compliance with international regulations such as NIST, ISO 27001/27002, GDPR, and China's Cybersecurity Law (CSL). This role will focus on architecting, implementing, and maintaining identity, access, and cloud security across Microsoft Azure, Amazon Web Services (AWS), and hybrid infrastructure.

You will be responsible for building secure IAM architectures, enforcing configuration compliance, and supporting regional data protection mandates across global operations.

Minimum Requirements:

Key Responsibilities

Identity & Access Management (IAM):

- Design, implement, and manage IAM systems across Microsoft Entra ID (Azure AD), Active Directory, and AWS IAM.

- Enforce secure lifecycle management, RBAC/ABAC models, and Just-In-Time (JIT) access controls.

- Deploy and manage MFA, SSO, conditional access, and PAM across IT and manufacturing environments.

- Conduct entitlement reviews, automate provisioning/deprovisioning, and drive identity governance initiatives.

Cloud Security & Configuration Compliance (Azure & AWS):

- Implement secure configuration baselines using Azure Policy, AWS Config, Cloud Custodian, and other compliance-as-code tools.

- Continuously assess and remediate misconfigurations to ensure alignment with: NIST 800-53, CIS Benchmarks, ISO 27001/27002, GDPR, and CSL requirements.

- Monitor cloud environments using Azure Security Center, Defender for Cloud, AWS Security Hub, CloudTrail, and related services.

SSO, Authentication & Federation:

- Integrate enterprise applications and industrial platforms with Entra ID or AWS Cognito using SAML, OIDC, OAuth2.0, and WS-Federation.

- Manage B2B/B2C federation for suppliers, partners, and cross-region collaboration.

Compliance & Data Governance:

- Lead or support initiatives ensuring adherence to: NIST (800-53, CSF), ISO 27001/27002, GDPR, CSL.

- Prepare documentation, evidence, and remediation plans for internal audits and external assessments.

- Support global data protection strategies including access logging, consent tracking, and data retention policies.

Collaboration & Incident Response:

- Collaborate with IT, OT, DevOps, and business stakeholders to align cloud and identity architectures with enterprise risk posture.

- Serve as a subject matter expert in incidents involving IAM or cloud services.

- Partner with global teams to address compliance risks in manufacturing and data processing operations.

Required Qualifications

- Bachelor’s degree in Cybersecurity, Information Systems, Engineering, or related field (or equivalent experience).

- Minimum of 12 years of experience in cybersecurity, with direct experience in IAM and cloud security across hybrid enterprise environments.

- Proficient with:

- Microsoft Entra ID (Azure AD) and Active Directory

- AWS IAM, Organizations, SCPs, and related services

- Identity federation protocols and SSO technologies

- Infrastructure-as-Code (IaC) tools like Terraform, CloudFormation, or ARM templates

- Strong experience implementing compliance and configuration controls in alignment with:

- NIST 800-53

- ISO 27001/27002

- GDPR

- China’s Cybersecurity Law (CSL)

Preferred Certifications

- Microsoft Certified: Identity and Access Administrator Associate

- Azure Security Engineer Associate

- AWS Certified Security – Specialty

- CISSP, CISM, or CRISC

- ISO 27001 Lead Implementer

- Familiarity with Chinese data compliance, data localization practices, or multi-national supply chain requirements is highly desirable

Key Competencies

- Expert knowledge of IAM strategy and security architecture in global manufacturing environments

- Ability to operationalize cloud and compliance policies across diverse technical stacks

- Strong analytical, communication, and documentation skills

- Comfortable working with stakeholders across geographies, especially in highly regulated markets (e.g., EU, China, U.S.)

Kidde Global Solutions is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.