Enterprise Identity Access Management Security Architect

About The Position

Requirements

• A Bachelor's degree in Cybersecurity, Computer Science, or Information Technology is required. Equivalent experience is also acceptable.
• 15+ years of experience in security architecture, security engineering, or enterprise‑scale technology architecture roles.
• Experience in defining strategies and standards for enterprise security architecture is required. You should also have knowledge of reference architectures.
• Demonstrated ability to operate at a principal level, influencing architecture decisions across multiple teams without direct authority.
• Solid understanding of identity‑centric security models, including IAM, federation, access control, and privileged access concepts.
• Hands‑on or architectural experience applying Zero Trust principles across cloud platforms, applications, and data environments.
• Experience designing and governing secure cloud platform architectures, including landing zones, guardrails, and platform controls.
• Solid knowledge of cloud-native security features. This includes identity integration. It also includes policy implementation, secrets management, logging, and monitoring.
• Experience in guiding secure application architecture. This includes designing API architecture. It also covers authentication, authorization, and threat modeling practices.
• Knowledge of data protection and privacy-by-design principles is required. This includes encryption, key management, data classification, and regulatory considerations.
• You should be aware of secure software delivery practices. These practices include CI/CD security, automation, and security-by-design approaches.
• Exposure to or experience governing AI‑enabled platforms, automation, or emerging technologies, with a focus on risk, access, and data protection.
• Solid knowledge of industry security frameworks and standards such as NIST, CIS, MITRE ATT&CK, or equivalent.
• Top-notch communication and documentation skills, with the ability to present architectural concepts to technical and executive audiences.
• Proven ability to collaborate across Enterprise Architecture, platform, engineering, and security teams to drive adoption and consistency.

Responsibilities

• Define and evolve the enterprise security architecture vision, principles, and roadmap aligned with business and technology strategy.
• Establish security standards, reference architectures, and reusable patterns that enable secure, scalable delivery across the organization.
• Embed security‑by‑design and Zero Trust principles across cloud, applications, integrations, data, and emerging technologies.
• Shape architectures where identity and access serve as the primary security control plane.
• Define scalable IAM and PAM architectures, including federation, SSO, conditional access, RBAC, managed identities, and privileged access.
• Architect and manage cloud security designs for the enterprise. This includes creating landing zones. It also involves developing account and subscription models, networking, and platform-level guardrails.
• Set standards for cloud-native security capabilities. This includes managing identity and access control. It also covers policy implementation, workload protection, secrets management, as well as logging and monitoring.
• Guide the secure design of applications, APIs, and integrations. Focus on authentication and authorization. Also, conduct threat modeling.
• Define security patterns for data protection, encryption, key management, and privacy‑by‑design.
• Provide architectural guidance for the secure adoption of AI‑enabled tools, automation, and agent‑based workflows.
• Partner with Enterprise Architecture and platform teams to drive adoption, governance, and consistency, and mentor other security architects.