Identity and Access Management; IAM Cloud Engineer

Overview

Regions is dedicated to safeguarding private and personally identifiable information. The Identity and Access Management (IAM) Engineer will work cross-functionally with business and IT partners, as well as external service partners, to deliver Identity Governance and Administration (IGA) capabilities across Regions. This includes RBAC, ABAC, access reviews/certification, automated provisioning and de-provisioning, and handling access requests.

• Design, develop, test, implement, and integrate IAM systems and solutions
• Ensure IAM solutions protect information resources against unauthorized use, excessive access, disclosure, damage and/or loss
• Analyze and maintain data to ensure projects deliver on time
• Maintain, patch, operate, and monitor IAM systems
• Support and resolve system incidents, problems and changes
• Design and implement reusable strategies, service components, libraries and frameworks to support enterprise IAM services
• Onboard new applications and create custom workflows, rules, and reports based on business requirements
• Document processes, guidelines, standards, technical specifications, and draw network & system architecture diagrams
• Utilize scripting (bash) to maintain night processing scripts
• Facilitate project communications on status, issues/roadblocks, and requirements feasibility

This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.

• Bachelor’s degree and six (6) years of experience in a related field

• Advanced understanding of UNIX security related to user access and provisioning
• Experience with Agile methodology and SDLC concepts/tools (Git, Atlassian stack)
• Experience with Linux/Unix, Windows, scripting (Bash, Power Shell, Perl), SQL, LDAP, and web services
• Experience with programming languages such as Java, C#, C/C++, Python, or Java Script
• Experience with RBAC and automated provisioning/deprovisioning
• Experience with SailPoint (v7.0+) or another IGA/IAM platform
• Security certifications (e.g., CISSP, CIAM)
• Technical experience in IAM solutions (e.g., Beyond Trust, Cyber Ark, AWS, Duo, OIM, Ping Identity, Radiant Logic, SailPoint, Okta, Active Directory, RACF)

• Ability to multi-task, be self-initiated, and work independently
• Excellent customer service and interpersonal skills
• Excellent time management and organizational skills
• Analytical problem-solving and attention to detail
• Strong written and verbal communication

This position is intended to be onsite, with regular office days. It requires proximity to a Region location and may require in-office expectations. The primary locations include Birmingham, AL;
Nashville, TN;
Atlanta, GA; or Charlotte, NC.

• Knowledge of AWS, Azure, and Vault identities and authentication methods
• Technologies: AWS Identity Center, IAM Users, Service Control Policies, STS, OIDC;
  Azure Entra
  
  ID, Application Registrations, Hierarchical IAM RBAC, Managed Identities, Graph, Policies
• Knowledge of vault solutions (Hashi Corp Vault, AWS Secrets Manager, Azure Key Vault) and related best practices
• Experience with Dev Sec Ops  tools (Git Hub, Terraform, Harness) and managing cloud environments
• General cloud/IAM security best practices
• Experience running workloads in AWS and Azure with load balancing, VMs, secrets management, log analytics, and storage services
• Scripting in Python or Power Shell for automation and IAM configuration assurance
• Hashi Corp Vault deployment, authentication, policies, and CI/CD integration
• Experience with Kubernetes in a cloud environment

Regulatory note: Regions will not sponsor applicants for work visas for this position. Applicants must be authorized to work in the United States on a full-time basis.

Full time

Pay ranges are job-specific and depend on experience, skills, knowledge, contribution, location, and performance. This includes:

• Minimum and target pay ranges based on market data
• Opportunity to participate in long-term incentive plans
• Benefits including Paid Vacation/Sick Time, 401K with Company Match, Medical/Dental/Vision, Disability Benefits, Health Savings Account, Flexible Spending Account, Life Insurance, Parental Leave, Employee Assistance Program, and Volunteer Program

Benefits and plans may change. For more information, please visit the Regions benefits portal.

Riverchase Operations Center, Hoover, Alabama

Equal Opportunity Employer/Disabled/Veterans

Job applications are accepted electronically for a minimum of five business days from the posting date. Higher-volume postings may remain active longer due to business need and may be closed at any time at the company's discretion.