Cloud Architect

Dear Candidate,

We do have an job opportunity, pls go through the JD mentioned below and apply if you are interested.

Job Title
: AWS Cloud Engineer, SSO (OIDC/SAML), Application Development

Location
: Quincy, MA ( 4 days/week)

Job type:
FTE /CWR

Experience
: 12+ years (with strong hands-on AWS and Application Development experience)

Role Summary

We are seeking an experienced
AWS Cloud Engineer
with deep expertise in
Single Sign-On (SSO)
integrations using OIDC/SAML
, and
strong software development
skills. This role will design, build, secure, and operate scalable
cloud-native data platforms
, with a focus on identity federation, access governance, and
application development
.

The ideal candidate combines cloud infrastructure engineering, identity and access management (IAM), and hands-on development to deliver secure, reliable, and automated solutions.

Key Responsibilities

Cloud & Data Platform Engineering

Implement network architectures using VPCs, subnets, security groups, NACLs, VPC endpoints, and private connectivity.

SSO & Identity Federation

Design and implement Redshift SSO using OIDC and/or SAML 2.0.

Integrate Redshift with enterprise IdPs (e.g., Okta, Azure AD, Ping, Auth0, AWS IAM Identity Center).

Configure IAM roles, policies, and trust relationships for federated access.

Implement role-based access control (RBAC) and fine-grained authorization within Redshift.

Troubleshoot authentication, authorization, token, and federation issues end-to-end.

Development & Automation

Develop cloud-native applications, services, or utilities using Python, Java, or similar languages.

Build automation for infrastructure provisioning using IaC (Terraform, AWS CDK, or CloudFormation).

Develop CI/CD pipelines for infrastructure and application deployments.

Create APIs, Lambda functions, and event-driven workflows to support data and identity use cases.

Security, Governance & Compliance

Apply AWS security best practices, including least privilege, encryption at rest and in transit, and secure secrets management.

Implement audit logging and monitoring using CloudTrail, CloudWatch, and AWS Config.

Support compliance requirements (SOC2, HIPAA, PCI, or similar, as applicable).

Required Qualifications

• 10+ years of hands-on experience in AWS cloud engineering.
• Proven experience implementing SSO using OIDC and/or SAML 2.0.
• Proficiency in at least one programming language (Python preferred; Java acceptable).
• Strong knowledge of AWS IAM, STS, role assumption, and federated identity models.
• Experience with Infrastructure as Code (Terraform, CDK, or CloudFormation).
• Solid understanding of networking concepts (DNS, TLS, VPC routing, private endpoints).
• Experience with Linux-based environments and scripting.

Preferred / Nice-to-Have Skills

• Experience with AWS IAM Identity Center (SSO).
• Familiarity with Okta, Azure AD, PingFederate, or Auth0 integrations.
• Exposure to containerization (Docker) and orchestration (ECS/EKS).

Regards,

Suhas Gharge