Design and secure enterprise-grade identity and access management solutions in AWS for mission-critical government systems. Implement SSO, MFA, and federated identity across microservices while ensuring Zero Trust and federal compliance. Collaborate with security and DevSecOps teams to embed identity controls into CI/CD pipelines and infrastructure as code.
Job Description
This position is listed on behalf of a partner company, which manages all applications and next steps. Our partner is looking for an AWS Cloud Infrastructure Engineer (Keycloak Specialty) based in the United States.
This role focuses on designing and securing enterprise-grade identity and access management solutions within a complex AWS cloud environment supporting mission-critical government systems. You will architect and implement authentication and authorization frameworks that enable secure, scalable, and compliant access across modern cloud applications. Acting as a subject matter expert in Keycloak and identity federation, you will integrate SSO, MFA, and federated identity across microservices and APIs while ensuring adherence to Zero Trust principles. The position involves close collaboration with security, architecture, and DevSecOps teams to embed identity controls into CI/CD pipelines and infrastructure as code. You will also play a key role in ensuring compliance with federal standards such as FedRAMP, FISMA, and NIST 800-63. This is a highly technical and security-critical role where identity architecture directly supports national-level digital modernization efforts.
Accountabilities
In this role, you will design, implement, and maintain secure identity and access management solutions across AWS cloud environments, ensuring compliance, scalability, and Zero Trust alignment.
- Design and maintain enterprise identity architecture using Keycloak as the core identity provider and federation broker
- Implement SSO and federated authentication solutions using SAML, OAuth2.0, and OpenID Connect protocols
- Configure and integrate identity providers such as AWS IAM Identity Center, AWS Cognito, Azure AD, IBM Verify, and Keycloak
- Enforce Zero Trust Architecture principles across microservices, APIs, and cloud-native applications
- Develop and manage identity lifecycle processes including provisioning, deprovisioning, and access reviews
- Define and enforce RBAC/ABAC policies ensuring least-privilege access across users and systems
- Support compliance with NIST 800-63, FedRAMP, FISMA, and related federal security frameworks
- Design logging, monitoring, and auditing strategies for authentication and authorization events using AWS and SIEM tools
- Collaborate with DevSecOps teams to embed ICAM policies into CI/CD pipelines and infrastructure-as-code templates
- Lead identity integration design sessions and provide technical oversight for architecture, security, and vulnerability management initiatives
- Bachelor’s degree in Cybersecurity, Information Systems, or equivalent experience (Master’s preferred)
- 10+ years of experience in identity and access management, including 8+ years in cloud environments
- Strong hands-on experience with Keycloak and AWS IAM Identity Center for SSO and MFA implementations
- Deep knowledge of identity federation protocols including SAML, OAuth2.0, OIDC, and SCIM
- Strong expertise in RBAC, ABAC, and policy-based access control frameworks
- Experience working with federal compliance frameworks such as FedRAMP, FISMA, and NIST 800-63
- Strong understanding of PKI, digital certificates, encryption, and secure authentication mechanisms
- Experience integrating identity governance tools such as SailPoint or Saviynt is a plus
- Familiarity with AWS security services including KMS, CloudTrail, Lambda, and API Gateway authentication
- Strong analytical, troubleshooting, and communication skills in complex distributed environments
- Experience working in Agile and DevSecOps environments with CI/CD and IaC practices
- Ability to collaborate effectively with technical and executive stakeholders in a consulting-style role
- Competitive salary range of $153,000 to $207,000 annually depending on experience and location
- Comprehensive medical, dental, and vision insurance plans
- 401(k) retirement plan with company match
- Flexible work arrangements with fully remote eligibility within the United States
- Paid time off including vacation, sick leave, holidays, and parental leave
- Life, disability, and supplemental insurance options
- Access to professional development, internal mobility programs, and career growth tools
- Exposure to large-scale federal cloud modernization and cybersecurity programs
- Strong emphasis on work-life balance and employee wellbeing programs
- Collaborative, mission-driven environment focused on secure digital transformation
Why Apply Through Jobgether?
We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.
We appreciate your interest and wish you the best!
Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.