IAM Security Analyst

About Us

At Cloudflare, we are on a mission to help build a better Internet. Today the company runs one of the world’s largest networks that powers millions of websites and other Internet properties for customers ranging from individual bloggers to SMBs to Fortune 500 companies. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare all have web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures list and ranked among the World’s Most Innovative Companies by Fast Company.

At Cloudflare, we’re not looking for people who wait for a polished roadmap; we’re looking for the builders who see the cracks in the Internet that everyone else has simply learned to live with. We value candidates who have the instinct to spot a "normalized" problem and the AI-native curiosity to create a solution using the latest tools. Our culture is built on iteration, leveraging AI to ship faster today to make it better tomorrow, while ensuring that every improvement, no matter how small, is shared across the team to lift everyone up. If you’re the type of person who values curiosity over bureaucracy, and that AI is a partner in solving tough problems to keep the Internet moving forward, you’ll fit right in.

About the role

As an IAM Security Analyst you will play a key role in efficiently managing user identities and access across the enterprise. You will be responsible for implementing technologies and designing processes to ensure users have the authorized access to resources and systems.

What You’ll Do

Infrastructure as Code: Manage IAM cloud resources using Terraform, Bicep, or CloudFormation.

Automation: Develop custom scripts/hooks to automate manual provisioning tasks or API integrations.

Monitoring: Implement logging and alerting for identity-related security events (e.g., using SIEM tools).

Pipeline Management: Maintain the CI/CD pipelines for deploying IAM configurations and custom connectors.

Identity Automation & Orchestration: Design and implement automated workflows for user onboarding, offboarding, and role-based access control (RBAC).

Infrastructure as Code (IaC): Manage IAM infrastructure

CI/CD Integration: Build and maintain deployment pipelines to automate the delivery of identity services and security policies.

Protocol Mastery: Act as the subject matter expert to support secure application integration.

Secrets Management: Own the lifecycle of credentials, certificates, and API keys using enterprise tools.

Monitoring & Compliance: Develop automated logging and alerting for identity-related events to ensure SOX, FRH, SOC2, HIPAA, or GDPR compliance.

Define and enforce access control policies, including role-based access controls (RBAC), attributes based access control (ABAC) and policy based access controls (PBAC).

Define and enforce privileged access management (PAM) policies to secure sensitive systems and data.

Manager user onboarding, off boarding and role changes, ensuring adherence to security policies and compliance requirements.

Elaborate with cross-functional teams, including IT, security and compliance to ensure IAM aligns with business goals.

Communicate IAM-related updates and recommendations to stakeholders.

Maintain comprehensive documentation of IAM policies, processes and configurations.

Generate reports and metrics related to IAM activities and security posture.

Required Skills & Qualifications

Experience: 6–10 years in IT, with at least 3 years focused specifically on IAM within a DevOps or Site Reliability Engineering (SRE) context.

IAM Tools: Deep hands-on experience with at least one major platform.

Programming & Scripting: High proficiency in Python