Cloud Identity Engineer
HashiCorp
Tokyo, Japan · Bucharest, Romania
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.
Join us and become part of a growing cybersecurity capability supporting enterprise cloud environments for international clients.
In this role, you’ll work across cloud identity and access management solutions, helping secure workforce, privileged, and machine identities in modern cloud ecosystems. You’ll collaborate closely with cloud, infrastructure, and security teams while gaining exposure to enterprise-scale IAM and Zero Trust initiatives across AWS, Azure, and IBM Cloud environments.
This role is ideal for someone who enjoys combining hands-on engineering with operational IAM support in complex cloud environments.
As a Cloud Identity Engineer, you will:
• Design, implement, and support cloud Identity & Access Management (IAM) solutions
• Configure and manage Microsoft Entra ID (Azure AD) environments
• Implement Conditional Access, MFA, and privileged identity management (PIM) controls
• Support federation and Single Sign-On (SSO) integrations across enterprise platforms
• Contribute to RBAC, least privilege, and Zero Trust security initiatives
• Support workload, machine, and non-human identity models
• Troubleshoot authentication, authorization, and access-related issues
• Support IAM operational activities across cloud environments
• Collaborate with cloud, infrastructure, DevOps, and cybersecurity teams
• Support secure credential and secrets management practices
• Contribute to continuous improvement initiatives within cloud security and IAM operations
• Exposure to cloud Identity & Access Management (IAM) engineering and operations
• Strong understanding of authentication, authorization, federation, and identity lifecycle management
• Hands-on experience with Microsoft Entra ID (Azure AD)
• Experience with Conditional Access, MFA, RBAC, and privileged access concepts
• Exposure to AWS IAM and cloud security concepts
• Understanding of Zero Trust and least privilege principles
• Exposure to workload or machine identities
• Knowledge of federation and SSO concepts
• Exposure to Kubernetes identity/security models
• Strong troubleshooting and collaboration skills in enterprise environments
• Exposure to IBM Cloud, GCP, or Alicloud IAM environments
• Familiarity with CyberArk, SailPoint, Saviynt, Okta, or HashiCorp Vault
• Exposure to CI/CD or Infrastructure as Code environments
• Relevant certifications such as SC-300, AZ-500, AWS Security Specialty, CISSP, or CCSP
The above requirements are a guideline. If you have transferable skills, we encourage you to apply to this role.