engineering
Posted 4 days agoPrincipal Cloud IAM Engineer (US Federal)
at Workday
Usa.va.reston, United StatesRemote
Requirements
- We’re obsessed with making hard work pay off, for our people, our customers, and the world around us. As a Fortune 500 company and a leading AI platform for managing people, money, and agents, we’re shaping the future of work so teams can reach their potential and focus on what matters most.
- As a Fortune 500 company and a proven enterprise cloud platform, Workday brings modern technology, responsible AI, and secure infrastructure to some of the most complex environments in the world.
- experience to meaningful, mission-driven work—alongside colleagues who take pride in building things that last—you’ll find that opportunity at Workday Government.
- Employees may be required to be on site at client locations in the DC, MD, and VA (DMV) area Workday is expanding into the US Government air-gapped classified cloud environment.
- We are looking for a cloud engineer who has a focus on managing entitlements and permissions in a cloud services environment (AWS, Azure/EntraID or GCP).
- The candidate should understand infrastructure and compliance as code, using CI/CD pipelines.
- Familiarity with standard federation protocols used in IAM including OAUTH, OIDC, SAML and SCIM is essential.
- The ideal candidate will work with other teams in cloud engineering and the broader Cybersecurity organization in Workday Government as we work to build our new organization at Workday, focused on the unique
- May be required to be on site at client locations in the DC, MD, and VA (DMV) area. About You Basic
- Qualifications: This role may require a security clearance at the TS/SCI w/CI Poly level.
- Applicants must have the ability to obtain and maintain a U.S. government issued security clearance.
- Experience in centralizing authentication/authorization and RBAC/PBAC Managing infrastructure as code using tools like Github and Terraform
- Experience developing tools for automation in Python or other programming languages
- Experience integrating cloud platforms with external tools like Okta, EntraID or similar for centralized authentication and SSO
- Experience in utilizing one or more SEIM tools (Splunk or similar) for log aggregation and analysis, threat playbooks and auditing Other
- Requirements: Familiarity with NIST 800-53 and DoD/Intel control frameworks Bachelor's degree or higher in computer science, cybersecurity, or comparable work/educational