Cloud IAM Technician

Job Title:
Cloud IAM Technician – GCP

Duration of project: 3 months

Location:
Flexible — Remote

We are seeking a skilled Google Cloud Platform (GCP) and Google Workspace (GWS) technical resource, with specialized experience in managing groups within GWS, as well as applying IAM policy for groups in GCP. You will build and maintain these IAM group structures, support related ticket workflows, and ensure precise access control matching business needs and company policies.

About the Role

Key Responsibilities:

User Access Group (UAG) Management:

• Design, create, and maintain GCP IAM User Access Groups for granular control over user permissions.
• Use IAM roles, conditional policies, and nested group structures to streamline personnel onboarding, role changes, and offboarding.
• Work with Service Now ticketing system to process UAG membership change requests, conduct approval flows, and document resolutions.

Data Access Group (DAG) Management:

• Define and manage Data Access Groups associated with data products (e.g., Big Query datasets, Google Cloud Storage (GCS) buckets, etc.).
• Process tickets requesting addition/removal from DAGs, ensuring data access reflects current business requirements and compliance needs.

Ticket Handling and Operational Workflow:

• Respond to and resolve tickets related to UAG/DAG creation, access review, and IAM-related Tasks.
• Perform root-cause analysis, remediate access misconfigurations, and escalate as needed.
• Maintain meticulous logs of ticket resolution steps, audit evidence, and stakeholder communications.

Required Qualifications:

• 3–5+ years in cloud IAM, identity management, or cloud operations.
• Hands-on experience designing and managing Groups in GWS, as well as applying IAM policy for the groups within GCP.
• Practical experience creating and managing GWS Groups tied to datasets, entry groups, or tagged resources; including tag-based IAM Conditions
• Familiarity with IAM roles such as `bigquery.data Editor` and role-based access control patterns.
• Proficiency with Service now ticketing system and documented workflows.
• Scripting or IaC skills:
  Python, Terraform, gcloud, or equivalent tools.

Preferred:

• Google Cloud certifications (Professional IAM, Cloud Architect, or Professional Data Engineer).
• Experience with IAM Conditions and tag-based policies for attribute-driven access control.
• Familiarity with group nesting for owner-level UAG structures.
• Experience producing dashboards or reports for access governance and audits.

Additional Skills:

• Need minimum 3 years experience in an Identity and Access Management (IAM) role with Google Cloud.
• GCP IAM, 3-5 years
• Google Cloud certifications (Professional IAM, Cloud Architect, or Professional Data Engineer).
• Experience with IAM Conditions and tag-based policies for attribute-driven access control.
• Familiarity with group nesting for owner-level UAG structures.
• Experience producing dashboards or reports for access governance and audits.

Mid-Senior level

Contract

Administrative

Industries:
Technology, Information and Media