IAM Cloud Engineer

Location:

4910 Tiedeman Road, Brooklyn Ohio

The Senior IAM Cloud Governance Lead is responsible for defining, implementing, and overseeing the enterprise governance model for cloud-based identities, privileged access, and non‑human identities (service accounts). This role provides technical Collaboration with Service Account Governance, and Human Privileged Access Management (HPAM), ensuring alignment with security policy, regulatory obligations, and audit expectations across hybrid and multi‑cloud environments.

The role acts as a governance authority and escalation point, partnering closely with IAM engineering, cloud platform teams, risk management, audit, and application owners.

Key ResponsibilitiesCloud IAM Governance

• Lead the governance framework for cloud identity and access across IaaS, PaaS, and SaaS platforms, including design standards, control requirements, and lifecycle oversight.
• Establish and maintain enterprise guardrails for cloud IAM constructs (roles, permissions, entitlements, conditional access, federation).
• Ensure consistent enforcement of least‑privilege and separation‑of‑duties principles across cloud workloads.

Service Account / Non‑Human Identity (NHI) Governance

• Own governance strategy for service accounts and non‑human identities, including inventory completeness, ownership attribution, credential lifecycle, and risk classification.
• Define certification, recertification, and exception handling processes for NHIs in alignment with audit and compliance requirements.
• Partner with platform and application teams to remediate unmanaged or high‑risk service accounts.

Privileged Access & HPAM Oversight

• Provide governance leadership over privileged access patterns for cloud and hybrid systems, including just‑in‑time access, break‑glass processes, and session oversight.
• Ensure HPAM controls are consistently applied and measurable across cloud and on‑prem systems, supporting regulatory and internal risk assessments.

Risk, Audit, and Compliance Enablement

• Translate regulatory, audit, and risk requirements into actionable IAM governance controls and measurable evidence.
• Support internal and external audits by providing policy documentation, process flows, certification results, and exception rationale.
• Act as IAM governance SME for second‑line risk and control partners.

Leadership & Strategic Enablement

• Serve as senior escalation point and decision authority for IAM cloud governance issues and design exceptions.
• Influence IAM strategy, roadmap prioritization, and operating model improvements.
• Mentor analysts and senior practitioners within IAM governance and compliance functions.

Required Qualifications

• Deep experience in Identity & Access Management (IAM) within large enterprise environments.
• Hands‑on knowledge of cloud IAM models, including human and non‑human identities.
• Strong understanding of governance, risk, and control design, including audit evidence expectations.
• Experience governing privileged access models and service account lifecycles.
• Proven ability to translate policy and regulatory requirements into operational controls.

Preferred Qualifications

• Experience supporting regulated environments (financial services, SOX‑relevant systems).
• Familiarity with ServiceNow or similar platforms for inventory, workflow, and reporting.
• Professional security or audit certifications (e.g., CISA, CISSP) preferred but not required.
• Demonstrated leadership in cross‑functional, matrixed organizations.
• Awareness of Google Gemini Enterprise

COMPENSATION AND BENEFITS

This position is eligible to earn a base salary in the range of $80,000.00 - $150,000.00 annually. Placement within the pay range may differ based upon various factors, including but not limited to skills, experience and geographic location. Compensation for this role also includes eligibility for incentive compensation which may include production, commission, and/or discretionary incentives.

Please click here for a list of benefits for which this position is eligible.

Key has implemented an approach to employee workspaces which prioritizes in-office presence, while providing flexible options in circumstances where roles can be performed effectively in a mobile environment.

Job Posting Expiration Date: 06/04/2026 KeyCorp is an Equal Opportunity Employer committed to sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, pregnancy, disability, veteran status or any other characteristic protected by law.

Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing [email protected].

#LI-Hybrid