AWS IAM Integration & Management

Client: AI | Published: 07.10.2025

I need an experienced hand to refine our identity and access landscape in AWS IAM. The work revolves around three pillars:

• User and group management – structure our accounts, roles, and groups so day-to-day administration is painless.
• Access policies and permissions – author fine-grained, least-privilege policies that pass AWS Policy Simulator checks without warnings.
• Integration with other AWS services – the policies must tie cleanly into services such as S3, EC2, RDS, and Lambda so future deployments inherit the right permissions automatically.

We already have a collection of IAM policies in production; part of the assignment is to migrate or fold them into the new structure without breaking existing workloads. Clear documentation of changes, a rollback plan, and a summary diagram of the final trust relationships will be required for sign-off.

Deliverables will be pulled through a Git repo or CloudFormation/Terraform templates—whichever method you prefer, as long as it’s reproducible and reviewed via PR. I’ll test the finished setup by launching sample workloads and verifying the intended access boundaries, so please include a short validation script or step-by-step guide.

If this sounds straightforward, tell me how long you’ll need and which tooling you intend to use.

We are seeking a skilled IAM Developer to design, develop, and maintain Identity and Access Management (IAM) solutions. The ideal candidate should have experience implementing IAM integrations, customizing authentication and authorization flows, and automating identity lifecycle management using modern IAM tools and security standards. You will collaborate closely with cloud, application, and security teams to ensure secure, scalable, and efficient identity systems across enterprise and customer-facing platforms.

Key Responsibilities

• Design, develop, and implement IAM workflows for authentication, authorization, and user provisioning.
• Integrate IAM solutions with enterprise applications and APIs (web, mobile, and backend systems).
• Develop and maintain automation scripts and APIs for identity management (Python, Java, or PowerShell).
• Implement identity federation, SSO, and MFA using standards such as OAuth2, OpenID Connect (OIDC), SAML, and SCIM.
• Configure and manage IAM platforms like Okta, Auth0, Azure AD, or ForgeRock.
• Create and manage custom policies, roles, and rules for access control.
• Work on user lifecycle management — onboarding, updates, and de-provisioning.
• Collaborate with DevOps teams to integrate IAM solutions with CI/CD pipelines and Infrastructure-as-Code tools (Terraform, GitHub Actions, etc.).
• Troubleshoot authentication/authorization issues and support end-to-end IAM operations.
• Maintain documentation for configurations, integrations, and workflows.

Required Skills & Experience

• 3–6 years of hands-on experience as an IAM Developer or Engineer.
• Strong understanding of IAM concepts: Authentication, Authorization, Federation, SSO, and User Provisioning.
• Experience with one or more platforms: Auth0, Okta, Azure AD (B2C/B2B), ForgeRock, or Ping Identity.
• Working knowledge of OAuth2, OpenID Connect (OIDC), SAML, and SCIM protocols.
• Experience developing and integrating REST APIs for identity management.
• Familiarity with AWS or Azure Cloud IAM services.
• Knowledge of scripting/programming languages such as Python, Java, or PowerShell.
• Experience with Terraform, GitHub Actions, Jenkins, or Ansible for automation.
• Basic understanding of security best practices, token handling, and session management.