Job Title: Cloud Engineer with IAM/Entra Specialty
Location: Warsaw, Poland
Client: Leading Global Renewable Energy Organisation
Contract Length: 31st March 2026 to 30th October 2026 (Option to extend)
Work Schedule: Monday to Friday, 40 hours per week. Minimum 2 days per week onsite in Warsaw office required. Fully remote working is not permitted.
Job Description
We are seeking a Cloud Engineer with strong IAM and Entra expertise to support the automation and scaling of a cloud platform. This role focuses on simplifying identity and access management through automated, self-service IAM solutions for internal development teams.
Key Responsibilities:
Federated Access via Entra ID identity provider
-
Maintain and automate deployment of Entra ID integration with AWS Identity Center
-
Configure and maintain Entra ID Enterprise Applications for AWS (certificate/secret renewals, SAML assertions, API permissions, SCIM provisioning)
-
Troubleshoot Entra ID Conditional Access Policies
Access and Entitlement Management
-
Maintain and automate AWS account access at scale using AWS Identity Center permission sets and existing account provisioning solutions
-
Maintain and automate provisioning of Entra ID Entitlement Management Access Catalogues and Access Packages via Microsoft Graph API/SDK
-
Maintain and automate provisioning of Entra ID PIM Groups via Microsoft Graph API/SDK
Internal IAM Self-Service Solutions
-
Develop, maintain and automate tailored IAM self-service solutions for internal users
-
Enable compliant and secure Entra ID group provisioning (e.g., access reviews, approval workflows)
General AWS IAM
-
Configure AWS IAM roles, trust relationships and permission policies (managed, customer managed and inline)
-
Perform right-sizing of IAM roles using AWS Access Analyzer and similar tools
DevSecOps
-
Develop and maintain GitHub Actions workflows using Infrastructure as Code (Terraform) and scripting (Python, Bash or PowerShell)
-
Refactor existing workflows and IaC to support Policy-as-Code enforcement
-
Develop and maintain integration and acceptance tests, and test reports for new and existing IAM code
General Incidents and Support
-
Respond to and resolve IAM-related incidents, continuously improving solutions to prevent recurrence
-
Provide guidance and support for internal developers and customers regarding IAM issues
Requirements:
Skills/Qualifications:
-
Advanced proficiency in AWS IAM and/or Microsoft Entra ID
-
Proficiency in Infrastructure as Code (Terraform) and GitHub Actions
-
Proficiency in Python, Bash, and PowerShell
-
Strong programming skills with ability to interface with Microsoft Graph API
-
Experience with AWS Service Catalog and AWS CloudFormation
-
Certification such as Microsoft Identity and Access Administrator (SC-300) is an advantage
-
Detail-oriented, strong analytical and clear communication skills
Work Location Policy:
The consultant must work from the specified location. Minimum two days per week onsite in Warsaw office required. Fully remote work from a different country is not allowed unless expressly agreed by client Services Procurement.