IAM Architect

About The Position

Requirements

• Strong hands-on experience with Identity and Access Management (IAM), including identity governance, access controls, authentication, authorization, privileged access management, and enterprise IAM architecture. Experience primarily focused on IT audit or compliance is not the primary focus of this role.
• Strong experience designing identity governance, authorization, federation, and lifecycle management patterns in complex enterprise environments.
• Experience with SailPoint ISC or IIQ, including governance architecture and enterprise IAM transformation initiatives.
• Strong understanding of RBAC, ABAC, policy-driven access models, and modern identity governance concepts.
• Strong experience with federation and enterprise access architecture, including practical design experience with Ping Identity platforms such as PingFederate and PingAccess.
• Ability to translate complex identity challenges into scalable, pragmatic architectural approaches.
• Experience working in SOX-controlled or other highly regulated environments.

Nice To Haves

• Experience with non-human identity governance patterns, including service accounts, APIs, automation identities, or secrets management.
• Experience contributing to enterprise IAM modernization or identity operating model evolution initiatives.
• Experience with SailPoint IIQ-to-ISC migration or similar identity governance platform modernization efforts.
• Experience with Ping Identity platforms such as PingFederate, PingAccess, and PingDirectory in complex enterprise environments.
• Familiarity with cloud transformation, automation platforms, or identity-centric security models.

Responsibilities

• Develop enterprise authorization patterns across RBAC, ABAC, and policy-driven access models to improve consistency, scalability, and long-term adaptability.
• Shape identity governance architecture and support modernization efforts across lifecycle management and enterprise access capabilities.
• Establish governance patterns for non-human identities, including service accounts, APIs, and automation workflows.
• Lead the architectural direction for enterprise federation and access patterns across PingFederate, PingAccess, Entra ID, and related identity platforms.
• Define scalable SSO, federation, trust, and access design patterns for application onboarding and modernization efforts.
• Partner with IAM leadership, engineering, operations, and security teams to guide long-term identity architecture and modernization decisions.
• Translate identity strategy into practical design patterns, governance models, and implementation guidance.
• Produce architecture standards, design artifacts, and decision frameworks that improve consistency across the identity ecosystem.

Benefits

• Comprehensive benefit programs and services for eligible employees including medical, dental, vision, and work/life resources.
• Retirement savings plans like 401(k) and paid days off such as parental leave and disability coverage.
• Generous PTO, Vacation and 9 paid holidays
• Volunteer days, community partnerships, Employee Assistance Program
• Employee discounts on select services and products
• Your choice of three medical plan tiers, two carriers to choose from & My Healthy Changes well-being program
• Adoption Assistance & Paid Parental Leave
• Tuition Funding Sources and Scholarship Programs
• Retirement plan (401K or SIRP for those eligible) with match on annual contributions