Senior Cloud Identity Engineer

We are looking for Senior Cloud Identity & Entitlement Security Engineer

We’re seeking a seasoned cloud security professional with deep expertise in Cloud

Infrastructure Entitlement Management (CIEM) and Just-in-Time (JIT) access

platforms across AWS, Azure, and/or GCP. The role focuses on enforcing least privilege

access, reducing risk exposure, and supporting compliance through identity governance.

We’re looking for a thought leader in cloud identity and entitlement security — someone

who can drive strategic rollouts, adapt quickly to new tools like Tenable, and collaborate

effectively across global teams in EU time zones. This role values expertise, initiative,

and the ability to lead with impact over cost-efficiency.

Scope of Work:

• Deploy and operationalize a newly acquired Tenable cloud IAM solution.

• Design and enforce least-privilege RBAC across AWS, Azure, and/o GCP

environments (limited to user accounts; system accounts and DevOps pipelines are

out of scope for this phase).

• Implement Just-in-Time (JIT) access to eliminate standing administrative privileges

and reduce risk exposure.

Key Responsibilities:

• Manage and optimize CIEM solutions (e.g., Microsoft Entra Permissions

Management, Tenable).

• Integrate CIEM/JIT platforms with Tenable for continuous visibility into identity-related

risks and misconfigurations.

• Conduct identity discovery, entitlement mapping, access reviews, and remediation

workflows.

• Support compliance initiatives such as ISO, SOX, and GDPR.

• Collaborate with cross-functional teams across global regions, particularly in EU time

zones.

Required Skills & Qualifications:

• Several years of hands-on experience in cloud IAM / identity engineering.

• Deep knowledge of roles, policies, and permissions in AWS and/or Azure (GCP is a

plus).

• Experience with CIEM solutions (e.g., Microsoft Entra Permissions Management,

Tenable).

• Strong understanding of RBAC, ABAC, IAM policies, and identity lifecycle

management.

• Ability to quickly learn and operate Tenable’s cloud IAM platform.

• Good communication skills.

Ideal Candidate Profile:

A thought leader capable of driving cloud identity and entitlement rollouts, adaptable to

new tools like Tenable, and effective in cross-functional, international collaboration.

Gamito is a licensed recruitment agency under number 1820 with totally free of charge services to the candidates.

Guidance and on-boarding will be provided.

Regular Bulgarian working hours, home office (or hybrid) with flexible time generous social package and possibility for good bonuses