Senior AWS IAM Engineer

Job Title: Senior AWS IAM Engineer

Location: Warsaw, Poland (Hybrid – 3 days/week in office)
Contract Type: Contract (Initial 9 months, with possible extension)
Client: Leading Global Renewable Energy Company
Work Schedule: Monday to Friday, 8 hours/day
Start Date: ASAP

Position Overview

A major global renewable energy company is accelerating its digital transformation with AWS and is seeking a Senior AWS IAM Engineer to strengthen its cloud infrastructure initiatives. This role is critical to managing and securing Identity and Access Management (IAM) practices across global AWS environments, driving security, compliance, and innovation through automation and best practices.

Key Responsibilities

IAM Design & Implementation

• Design, implement, and maintain AWS IAM policies, roles, permission sets, and groups

• Use GitHub repositories for version-controlled management of IAM baselines

• Integrate IAM configurations with infrastructure-as-code (IaC) practices using CloudFormation or Terraform

Security & Compliance

• Conduct regular audits of access rights and IAM configurations

• Ensure alignment with compliance frameworks (e.g., GDPR, internal policies)

• Use AWS Access Analyzer and other tools to enforce least-privilege access

Collaboration & Support

• Work closely with DevOps, Security, and Engineering teams to implement secure IAM practices

• Support integration with third-party identity providers via SAML or OIDC (e.g., Entra ID / Azure AD)

• Provide guidance and training on IAM-related topics across teams

Operations & Optimization

• Manage IAM-related service requests and troubleshoot access/security issues

• Automate IAM provisioning and access management tasks

• Support the use of IAM Identity Center and Account Factory for Terraform (AFT)

Requirements

Must-Have Skills

• Strong understanding of AWS IAM roles, policies, and permission boundaries

• Experience managing IAM via GitHub or similar version control platforms

• Hands-on experience with CloudFormation or Terraform for IAM provisioning

• Familiarity with AWS security services (e.g., IAM Access Analyzer, Identity Center)

• Experience integrating identity providers via SAML/OIDC (e.g., Azure AD / Entra ID)

• Excellent communication skills for both technical and non-technical audiences

Preferred Qualifications

• AWS Certified Security – Specialty certification

• Working knowledge of AWS data protection, encryption, and secure internet protocols

• Proven ability to balance cost, security, and complexity when designing IAM solutions

• Experience supporting cloud migrations or modernization programs in large-scale environments

Additional Information

• Location: Consultant must be based in Poland and available to work from the Warsaw office at least 3 days per week

• Remote work outside of Poland is not permitted without written approval

• Client is a global leader in green energy, currently migrating from on-premise to AWS as part of a long-term digitalisation and cloud-first strategy