WHO WE ARE

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world’s most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We’re looking for diverse, talented team members who want to Dream. Do. Grow. with us.

WHAT WE’RE LOOKING FOR

The Toyota Financial Services (TFS) Cloud Engineering team is seeking a highly skilled Cloud Engineer Lead – Identity. This senior-level role is responsible for designing and managing cloud identity and access management (IAM) solutions that ensure secure, scalable, and compliant access across Toyota’s cloud environments.
You will lead initiatives that strengthen our identity governance, enforce least-privilege access, and support automation and compliance across AWS and other platforms. This role requires deep technical expertise in IAM, strong collaboration skills, and a passion for secure cloud architecture.

QUALIFICATIONS/ WHAT YOU BRING (MUST HAVES) – HIGHLIGHT TOP 3-5 SKILLS

• 3–5 years of hands-on experience in cloud engineering, DevOps, or identity and access management (IAM) roles.
• Strong expertise in AWS Identity Center, IAM, Organizations, and Single Sign-On (SSO).
• Proficient in Infrastructure as Code (IaC) using tools such as Terraform, AWS Cloud Development Kit (CDK), or similar.
• Solid understanding of identity governance, access control principles, and least privilege enforcement.
• Skilled in Python for automation, scripting, and integration tasks.
• Familiarity with AWS monitoring and auditing tools like CloudTrail, AWS Config, and Security Hub.
• Experience with CI/CD pipelines, version control (e.g., Git), and deployment automation.
• Knowledge of cloud security best practices, including encryption, key management, and compliance frameworks.
• Comfortable working in multi-account AWS environments and managing cross-account access.
• AWS certification

QUALIFICATION/LICENSURE

Work Authorization : Green Card, US Citizen
Preferred years of experience : 0 years
Travel required : No travel required
Shift timings : 9 AM to 5 P

• IAM Implementation: Assist in configuring and managing IAM roles, policies, and permission boundaries across AWS environments.
• Access Controls: Support the enforcement of least-privilege access and RBAC/ABAC models across cloud accounts.
• Infrastructure as Code (IaC): Contribute to the development of reusable IAM modules using Terraform or AWS CDK.
• CI/CD Support: Help integrate identity validation into CI/CD pipelines to ensure secure deployments.
• Security & Compliance: Collaborate with security teams to align IAM practices with compliance standards and audit requirements.
• Monitoring & Troubleshooting: Monitor IAM activity and assist in investigating identity-related issues using tools like AWS CloudTrail and Config.
• Team Collaboration: Work with engineering, security, and compliance teams to support identity initiatives and improve IAM processes.